Spam delivers fake news of bomb blast as lure to malicious code
Security firms are sounding the alarm about spam messages purporting to report a bomb explosion in order to get victims to click on a fake Reuters news video and download malicious code to their computers.
The spam message uses IP geo-location services to name local cities or towns to more successfully personalize a message about people killed from a bomb going off nearby as described in a fake news story falsely claiming to be from Reuters.
According to security firms Sophos and Marshal8e6, which are both monitoring the bomb-explosion spam, it makes use of what's called the Waled or Waledpak Trojan to get victims to click on the fake Reuters video that leads them to malicious code that is downloaded to the computer.
The subject line of the spam is typically "Take care!" or "Are you and your friends in good health?"