UPDATE: Boston Marathon explosion spam leads to Malware

Be wary of emails claiming to link to information about the Texas fertilizer plant fire or the Bostom Marathon bombing, says the UAB Spam Data Mine.

The Center for Information Assurance and Joint Forensics Research’s Spam Data Mine has picked up a quickly spreading campaign of malware spam claiming to offer information on the Boston Marathon bombing. In the last 12 hours, the Data Mine has confirmed that the same group has added the Texas fertilizer plant fire to its roster of email subject lines.

Seven malware distribution points have been identified as of 10:30 a.m. April 18, and the UAB Spam Data Mine is working with investigators to shut them down.

The Texas-subject emails are moving at a smaller volume than those received in conjunction with the Boston Marathon bombing, but continue coming in. Common subject lines for these emails mention the Boston Marathon explosion or the Texas fire and claim to be headlines from CNN about the event and include a single link. Once infected, a computer joins the distribution of malware emails or can become infected with a malware called “Cridex.”

The Spam Data Mine gathers more than 1 million emails per day and has been used in FBI operations, as well as numerous other government investigations.

Learn more from Gary Warner, director of research in computer forensics: http://garwarner.blogspot.com/