Brazilian musician Cristiano Araújo's tragic death used to spread malware

Jun 26, 2015 12:56 PM

Unfortunately, as we’ve seen countless times before, tragic events involving famous people will almost certainly end up being used by cybercriminals as part of their social engineering scams.

A few days ago, the Brazilian singer and songwriter Cristiano Araújo lost his life in a tragic car accident. Araújo’s music brought happiness not only to his fans in Brazil but also to many others in countries throughout South America, as well as to his fans around the world.

Sadly, following Cristiano Araújo’s death, Symantec started to observe malicious spam email using the news as a lure. Some of the spam emails attempt to entice users into downloading video footage of the accident. If users click on the Google Drive URL found in the email, they will end up downloading malware (detected as Downloader.Bancos).

Figure 1. Spam email example

Once the initial malware, a downloader, infects the computer, it will download Infostealer.Bancos, a well-known banking malware that has been plaguing South America for a while now. Our telemetry on the malware distributed by this spam campaign shows it targeting users in Brazil and Venezuela.

Figure 2. Infostealer.Bancos targeting users in Brazil and Venezuela

Symantec advises users to be cautious when it comes to emails crafted around popular news stories, such as the one discussed in this blog, as they may be malicious. This type of social engineering is not limited to email, and users should also be careful on social media sites, as similar tactics can also be used there.

Before you click on a link in an email or one shared on social media, be sure to follow these best practices:

  • Be vigilant and skeptical when reading sensational stories on social media sites or in emails.
  • Never install applications or complete surveys in order to view gated content. It's a trick to put money in the pockets of scammers, and it puts your computer or device at risk of malware.
  • Visit trusted news sources for information. Instead of clicking on random links online, go directly to your trusted news source.
  • Report suspicious content. Do your part by reporting this type of content as spam.

Symantec and Norton detect the threats discussed in this blog as Downloader.Bancos and Infostealer.Bancos. The spam emails discussed in this blog are also blocked by our antispam technologies.
