Article Lead Image

Malware distributors exploit Boston Marathon tragedy

Since Monday's attack, hackers have been sending out emails linking to video of the bomb blasts that are really just cover for Trojan Horse viruses.


Tim Sampson


Posted on Apr 17, 2013   Updated on Jun 1, 2021, 6:16 pm CDT

In the days following the horrific attack on the Boston Marathon, many have taken comfort in stories that exemplify the best of human nature. The bystanders who ran toward the chaos, the marathoners who extended their run another two miles to donate blood, and the inspirational message of the attack’s youngest fatally-wounded victim all demonstrate what’s best in humanity.

But this goodness is not universal. In less than 48 hours, numerous malware attacks and cyber scams taking advantage of people’s grief have sprung up across the web.

Since Monday’s attack, which claimed three lives and injured more than 100 bystanders, hackers have been sending out emails linking to video of the bomb blasts that are really just cover for Trojan Horse viruses.

According to the blog Naked Security, the emails contain subject lines like “2 Explosions at Boston Marathon” or “Boston Explosion Caught on Video.” When a user clicks the link, the Trojan Horse will attempt to install malware that makes registry changes and installs new files to give hackers remote access. Most of the attacks have originated from Ukraine and Latvia.

“The sick truth is that malware authors and malicious hackers lose no sleep about exploiting the deaths of innocent people in their attempt to infect computers for the purposes of stealing money, resources and identities,” writes Graham Cluley, senior technology consultant at Sophos, regarding these attacks.

But this is hardly the only attempt by online scammers to exploit the Boston attack and this is hardly the first tragedy to be used in such a way.

The first notable online scam that tried to capitalize on the tragedy was the bogus @_BostonMarathon Twitter account, which promised to donate $1 for every retweet it received. The account was launched and then administratively removed with less than two hours of the explosions after Twitter users quickly called it out as fake.

But experts like H. Art Taylor of the Better Business Bureau’s Wise Giving Alliance say more scams are likely to come. More than 125 domain names like, and have already been registered, but it’s too early to tell which will be used for legitimate purposes.

“Social media, in particular, makes it very easy to reach a lot of people quickly, when emotions are running high and people feel the need to take action, any action, to help,” Taylor said.

If this all sounds familiar, its because it is. Similar scams cropped up after Hurricane Sandy, the Joplin Tornado, the Japanese Tsunami and virtually every other man made or natural disaster in recent history. But government agencies are trying to get ahead of the curve. Massachusetts Attorney General Martha Coakley is already advising would-be donors to be cautious in their efforts.

“We urge people from Massachusetts and across the country to continue to support the victims and those impacted by this horrific event,” Coakley said. “We also encourage people to do their homework on the charity before giving to ensure their money will go to the purpose they intend.”

Photo by Hahatango/Flickr

Share this article
*First Published: Apr 17, 2013, 2:42 pm CDT