Heads up infidels…

A couple of real, confirmed viruses are targeted at those watching the Boston terrorist attack story unfold.

The viruses have been seen as emails with the following 3 subject lines:

  • Opinion: FBI knew about bombs 3 days before Boston Marathon – Why and Who Benefits?
  • Opinion: Boston Marathon Explosions – FBI Benefits?
  • Explosion at Boston Marathon

They all have the following in common: the link is an IP address with /boston.html at the end.

The sending IP addresses are (Iran), (US) & (Belarus).

As the senders’ email addresses are spoofed, I won’t bother mentioning them.

Original post below…

There are posts and comments going around Facebook with a link to what appears to be a video outside of Facebook. I’ve seen wording such as…
although there will be many similar variations. If you click on it, you will get a warning from Facebook to say you’re leaving their safety.

I have also just seen a very well-crafted email that appears to show a link to a regular html file.

A subject similar to “Explosions at Boston Marathon”
and just a link looking like “http://”

Neither of these viruses was picked up by the couple of scanners I have tried.

But, like any time I see something suspicious like this, running the URL through an online scanner such as http://sitecheck.sucuri.net/ proved that the URL would have redirected me to an .exe, and I guess a .dmg if I’d been using a Mac.


I’m sure there are other versions around (please let me know of variations you see)…

#OpUSA is only a couple of weeks away and I am sure we are going to see a lot more targeting like it. These are the same people that were active in the #OpIsrael attacks, so you can have a pretty good guess who they are.

Make sure you have an AV program, but don’t rely on it.
If you have a blog, especially WordPress, use one of the free add-ons, and for God’s sake, use complex passwords for the admin account, and I mean “&F3CgGEx” complex.

Stay safe.
