Sunday, 20 July 2014

Cyber Criminals Use Malaysia Airlines Flight MH17 Plane Crash News to Bait Users

Malaysia Airlines Flight MH17 Plane Crash
Any occasion that captures public attention – regardless of how sensitive – comes out to be an opportunity for spammers and hackers to snatch users’ personal information and spread malware, and the tragedy of the crashed Malaysia Airlines flight MH17 is no exception.

According to the U.S. intelligence officials, Malaysia Airline Flight MH17, a Boeing 777 aircraft carrying 283 passengers and 15 crew members, was struck by a ground-to-air missile. So far, it’s unclear, whether the missile was launched by the Russian military or pro-Russian separatist rebels. Ukraine and the insurgents blamed each other.

Spammers and cybercriminals are quick to take advantage of the tragedy and started spreading malware through the social media websites, abusing the mystery behind the crash of Malaysia Airline Flight MH17.

Researchers at the anti-virus firm Trend Micro came across some suspicious tweets written in Indonesian language. The cybercriminals are using the trending #MH17 to lure innocent users who are actually looking for news related to Malaysian Airplane Flight MH17 crash down.

The suspicious tweets started spreading just after Malaysian Airline tweeted on July 17: “Malaysia Airlines has lost contact of MH17 from Amsterdam. The last known position was over Ukrainian airspace.

Hundreds of users have already retweeted those malicious tweets that indirectly encourage their individual followers to visit the malicious links.
spam tweet 1

spam tweet 2
The website belongs to a shared hosting located in U.S which also host number of legitimate domains and researchers concluded that the purpose behind the spam campaign could be to gain attention of the visitors in order to make money from the advertisement.

Moreover, the shared hosting also provide hostage to a number of malicious domains as well, that are connected to a ZeuS variant and SALITY malware. ZeuS are very well known to steal financial information of the users, while SALITY is a “malware family of file infectors that infect .SCR and .EXE files,” researchers said in a blog post.

“Once systems are infected with this file infector, it can open their systems to other malware infections thus compromising their security.”

This is not first time cyber criminals targeted Malaysian airlines. Also few months back, spammers targeted missing Malaysian plan and spread malware on the social networking sites including Facebook, abusing the mystery behind the Malaysia Airline Flight MH370, a Boeing 777-200 aircraft that had gone missing by the time it flew from Kuala Lumpur to Beijing.

Referencfe- http://thehackernews.com/

No comments:

Post a Comment