Shock! Horror! Surprise! Yes, some Royal Baby malware has been discovered

Earlier this week, as the world’s media breathlessly reported that the Duchess of Cambridge had been whisked to hospital to have her baby, I posted a slightly tongue-in-cheek tweet:

To be honest, it wasn’t much of a prediction. Whenever there is a big news story which captures the attention of the world, there are often cybercriminals poised to take advantage.

It’s trivial for online criminals to craft spam and malware campaigns, disguised as content related to the breaking news story, in the knowledge that people are likely to click on links or visit websites without proper caution.

Sign up to our free newsletter.
Security news, advice, and tips.

Security researcher Chris Boyd at ThreatTrack may have been the first to spot the inevitable first occurrence of a Royal Baby-related malware attack. (Sheesh! The boy hasn’t even been given a name yet, but he’s inspired a Trojan horse).

Malicious email

According to Boyd’s analysis, malicious emails were spammed out on Tuesday pretending to offer links to a live webcam of the hospital where it was anticipated Kate and William’s child would make its first public appearance.

The Duke and Duchess of Cambridge have welcomed their first baby — a son and a future heir to the British throne — into the world. CNN has all the latest details of this momentous occasion.

Follow our live blog as we continue the baby watch with CNN’s reporters out in the field. And while we wait for news of the royal arrival’s name and his first appearance before the world’s cameras, you can catch up with the latest features, interviews, videos, interactives and more.

— Watch the hospital-cam (Note: This link will go down briefly when anchors and reporters are live on air on CNN. We will bring it back as soon as we can.)

Blog curated by Bryony Jones and Lauren Said-Moorhouse in London.

The truth was that the link actually attempted to infect visiting computers via the Blackhole Exploit kit info an infection by the Zeus banking Trojan horse.

This isn’t, of course, the first time that the romance of Prince William and his wife has caught the interest of malware authors.

For instance, in late 2010 I wrote about how criminals had used search engine poisoning to spread scareware to computer users hunting for news of their engagement.

Here is the video I made at the time:

My guess is that it won’t be the last time that their newborn child plays a role in a malware attack either. Let’s hope, for his sake, that his parents aren’t inspired to call him Zeus.

Always be careful to check that you are getting your breaking news from legitimate news organisations. If you haven’t signed up for email alerts about a Royal Baby’s birth, you should be suspicious if you receive an email about it out of the blue!

For more information on the Royal Baby malware, see these blog entries from ThreatTrack and Kaspersky.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky, Mastodon, and Threads, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.