Information Security News
mailing list archives
Malware and domain-squatters target Boston Marathon bombing
From: InfoSec News <alerts () infosecnews org>
Date: Thu, 18 Apr 2013 04:15:45 -0500 (CDT)
By Iain Thomson in San Francisco
17th April 2013
The scummier end of the online community has been quick to use Monday's bombing
of the Boston Marathon as bait for multiple malware dispersals, plus a spot of
old-fashioned online fraud along the way.
Within 24 hours of the blasts, the ISC reported that 234 potentially fake
domains have been registered featuring mention of the attack. Some have started
soliciting donations (including one asking for Bitcoins – evidently confident
that the current $90 unit price will rise again) but there are no reports of
spammers using them, as yet.
It should be pointed out that a few of these domains were bought by people
looking to stop squatters, and most are "parked" or dead-end links at this
stage. John Bambenek, ISC member and founder of Bambenek Consulting, said the
figures were rather a positive sign.
"I would have thought this would have picked up quicker than it had," he said.
"That said, it did give me the impetus to finish scripting a few things to
basically monitor these domains automatically to start looking for indicators
and to see when (or if) they ever come out of 'parked' status."
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
- Malware and domain-squatters target Boston Marathon bombing InfoSec News (Apr 18)