Hackers exploit Boston tragedy to spread malware via fake bombing links

Cybercriminals are exploiting the Boston Marathon bombing by spreading malware through spam mail with links to supposed videos of the tragedy, security vendors warned Wednesday. Kaspersky Labs said the sample emails it received had names like "news.html" but contained links to malicious sites. "These pages contain URLs of non-malicious YouTube clips covering the recent event. After a delay of 60 seconds, another link leading to an executable file is activated," it said in a blog post. Kaspersky said the malware dubbed "Trojan-PSW.Win32.Tepfer.*" will then try to connect to several Internet Protocol (IP) addresses in Ukraine, Argentina and Taiwan. A separate blog post by security vendor Sophos added the malware makes changes to the Windows registry and lets hackers remotely access infected computers. "Clearly, there are no depths to which cybercriminals are not prepared to stoop in their hunt for victims... The sick truth is that malware authors and malicious hackers lose no sleep about exploiting the deaths of innocent people in their attempt to infect computers for the purposes of stealing money, resources and identities," it said. — DVM/HS, GMA News