Hackers use Brazilian plane crash to push malware
- 19 July, 2007 07:42
Hackers haven't wasted any time exploiting the airplane crash in Sao Paulo, Brazil that claimed nearly 190 deaths Tuesday, a U.S. security company said Wednesday.
An e-mail campaign is using the tragedy to lure readers to a malicious Web site, reported Websense in an alert. According to Websense, the e-mail, written in Portuguese, includes details of the TAM airlines flight that crashed after trying to land at the notoriously dangerous Congonhas Airport, which is located in the middle of Sao Paulo.
"As soon as their names are confirmed, we'll notify the families before any further information becomes public, as determined by existing law," the message read, as translated by Websense. "We remind you that TAM has started its Victims and Family Assistance Program and provided a collect number 0800-117900, designed to provide information to families and crew members from this flight."
The site linked to in the e-mail, which is hosted in South Korea, has hosted malicious Brazilian code in the past, Websense said.
"If users click on the link, they are prompted to run some code. The code, when launched, is a Trojan downloader that connects to another site to download and install an information-stealing Trojan horse," warned Websense.
TAM has already released a list of the passengers and crew on the flight, as well as seven company workers it said were killed on the ground. The airline said today that 186 people were aboard the Airbus 320, reported CNN. As of mid-day today, however, police said that only eight of the 158 bodies recovered had been identified.
Cybercriminals don't hesitate to take advantage of disasters large and small to dupe users into visiting sites or opening attachments. Major spikes in spam, phishing attacks, and malware infections, for example, quickly followed such events as the December 2004 tsunami in Southeast Asia and the August 2005 landfall of Hurricane Katrina in the U.S.