The Complex

Hackers are already exploiting the Boston Marathon bombings (and the Texas explosion)

This didn’t take long. Cyber criminals have begun exploiting the Boston Marathon bombings to spread malware. That’s right, hackers are sending out a spam email labeled "Boston Marathon Explosion" in the subject line, according to a brand new FBI warning. The email contains a link to a website showing a series of photos of the ...

By
Getty Images
Getty Images
Getty Images

This didn't take long. Cyber criminals have begun exploiting the Boston Marathon bombings to spread malware.

This didn’t take long. Cyber criminals have begun exploiting the Boston Marathon bombings to spread malware.

That’s right, hackers are sending out a spam email labeled "Boston Marathon Explosion" in the subject line, according to a brand new FBI warning. The email contains a link to a website showing a series of photos of the attack site. At the bottom of the page there’s an unloaded video that directs to "the Red Exploit Kit," according to the warning.

FP staffers have actually recieved several similar emails titled, "2 Explosions at Boston Marathon" and "Texas Plant Explosion".

The Red Exploit Kit is a new hacking tool that allows criminals to surreptitiously find security vulnerabilities in a victim’s computer and upload malicious software through those vulnerabilities. "Once an exploit has been successful, the user sees a popup asking them to download a file, at which time the malware is downloaded," the warning says.

Once in, the hackers may look for personal information about their victims, according to the FBI. Personal information could include anything from bank account numbers to website passwords.

The FBI’s announcement goes on to warn against fake charity Twitter accounts soliciting donations for victims of the attacks: "According to various reports, a Twitter account was created soon after the explosions that resembled a legitimate Boston Marathon account. Allegedly, for every tweet received to the account a dollar would be donated to the Boston Marathon victims."

The warning goes on to say that, while that account has been suspended, other fraudulent accounts may be set up. "The FBI was made aware of at least 125 questionable domains registered within hours of the Boston Marathon Explosions. Though the intentions of the registrants are unknown, domains have emerged following other disasters for fraudulent purposes."

Here are the FBI’s recommendations for avoiding marathon bombing-related online scams.

Individuals can limit exposure to cyber criminals by taking the following preventative actions when using email and social networking Web sites.

  • Messages may contain pictures, videos, and other attachments designed to infect your computer with malware. Do not agree to download software to view content.
  • Links appearing as legitimate sites (example: fbi.gov), could be hyperlinked to direct victims to another Web site when clicked. These sites may be designed to infect your computer with malware or solicit personal information. Do not follow a link to a Web site; go directly to the Web site by entering the legitimate site’s URL.

Individuals can also limit exposure to cyber criminals by taking the following preventative actions when receiving solicitations from, or donating to, charitable organizations online.

  • Verify the existence and legitimacy of organizations by conducting research and visiting official Web sites. Be skeptical of charity names similar to but not exactly the same as reputable charities.
  • Do not allow others to make the donation on your behalf. Donation-themed messages may also contain links to Web sites designed to solicit personal information, which is routed to a cyber criminal.
  • Make donations securely by using debit/credit card or write a check made out to the specific charity. Be skeptical of making donations via money transfer services as legitimate charities do not normally solicit donations using this method of payment.

John Reed is a national security reporter for Foreign Policy. He comes to FP after editing Military.com’s publication Defense Tech and working as the associate editor of DoDBuzz. Between 2007 and 2010, he covered major trends in military aviation and the defense industry around the world for Defense News and Inside the Air Force. Before moving to Washington in August 2007, Reed worked in corporate sales and business development for a Swedish IT firm, The Meltwater Group in Mountain View CA, and Philadelphia, PA. Prior to that, he worked as a reporter at the Tracy Press and the Scotts Valley Press-Banner newspapers in California. His first story as a professional reporter involved chasing escaped emus around California’s central valley with Mexican cowboys armed with lassos and local police armed with shotguns. Luckily for the giant birds, the cowboys caught them first and the emus were ok. A New England native, Reed graduated from the University of New Hampshire with a dual degree in international affairs and history.

Tags: Cyber Security & Hacking, National Security Agency

Editors’ Picks

  1. 1
    Iraqi Kurdistan’s House of Cards Is Collapsing
  2. 2
    America’s Zero-Sum Economics Doesn’t Add Up
  3. 3
    What America’s Civil War Can Teach Us About Israel’s
  4. 4
    Skilled Migrants Aren’t Interested in Germany
  5. 5
    How U.S. Evangelicals Helped Homophobia Flourish in Africa
  6. 6
    Xi and Putin Have the Most Consequential Undeclared Alliance in the World

More from Foreign Policy

Newspapers in Tehran feature on their front page news about the China-brokered deal between Iran and Saudi Arabia to restore ties, signed in Beijing the previous day, on March, 11 2023.
Newspapers in Tehran feature on their front page news about the China-brokered deal between Iran and Saudi Arabia to restore ties, signed in Beijing the previous day, on March, 11 2023.

Saudi-Iranian Détente Is a Wake-Up Call for America

The peace plan is a big deal—and it’s no accident that China brokered it.

Austin and Gallant stand at podiums side by side next to each others' national flags.
Austin and Gallant stand at podiums side by side next to each others' national flags.

The U.S.-Israel Relationship No Longer Makes Sense

If Israel and its supporters want the country to continue receiving U.S. largesse, they will need to come up with a new narrative.

Russian President Vladimir Putin lays flowers at the Moscow Kremlin Wall in the Alexander Garden during an event marking Defender of the Fatherland Day in Moscow.
Russian President Vladimir Putin lays flowers at the Moscow Kremlin Wall in the Alexander Garden during an event marking Defender of the Fatherland Day in Moscow.

Putin Is Trapped in the Sunk-Cost Fallacy of War

Moscow is grasping for meaning in a meaningless invasion.

An Iranian man holds a newspaper reporting the China-brokered deal between Iran and Saudi Arabia to restore ties, in Tehran on March 11.
An Iranian man holds a newspaper reporting the China-brokered deal between Iran and Saudi Arabia to restore ties, in Tehran on March 11.

How China’s Saudi-Iran Deal Can Serve U.S. Interests

And why there’s less to Beijing’s diplomatic breakthrough than meets the eye.

Trending

  1. Iraqi Kurdistan’s House of Cards Is Collapsing
    Argument |
    Winthrop Rodgers

  2. America’s Zero-Sum Economics Doesn’t Add Up
    Essay |
    Adam Posen

  3. Xi and Putin Have the Most Consequential Undeclared Alliance in the World
    Argument |
    Graham Allison

  4. To Save His Pension Reform Bill, Macron Has Lost France
    Report |
    Michele Barbero

  5. Keep Talking to the Taliban
    Argument |
    Adam Weinstein
Latest

What America’s Civil War Can Teach Us About Israel’s

How Albania Became a Target for Cyberattacks

Ehud Barak: Netanyahu Is Destroying Israel’s Democracy

What in the World?

AUKUS Gets Awkward Down Under
See All Stories