Earlier this week, as the world’s media breathlessly reported that the Duchess of Cambridge had been whisked to hospital to have her baby, I posted a slightly tongue-in-cheek tweet:
At last! Duchess of Cambridge's labour has started. Malware authors worldwide have been waiting ages for this… #royalbaby
— Graham Cluley is on Threads, Mastodon, BlueSky (@gcluley) July 22, 2013
To be honest, it wasn’t much of a prediction. Whenever there is a big news story which captures the attention of the world, there are often cybercriminals poised to take advantage.
It’s trivial for online criminals to craft spam and malware campaigns, disguised as content related to the breaking news story, in the knowledge that people are likely to click on links or visit websites without proper caution.
Security researcher Chris Boyd at ThreatTrack may have been the first to spot the inevitable first occurrence of a Royal Baby-related malware attack. (Sheesh! The boy hasn’t even been given a name yet, but he’s inspired a Trojan horse).
According to Boyd’s analysis, malicious emails were spammed out on Tuesday pretending to offer links to a live webcam of the hospital where it was anticipated Kate and William’s child would make its first public appearance.
The Duke and Duchess of Cambridge have welcomed their first baby — a son and a future heir to the British throne — into the world. CNN has all the latest details of this momentous occasion.
Follow our live blog as we continue the baby watch with CNN’s reporters out in the field. And while we wait for news of the royal arrival’s name and his first appearance before the world’s cameras, you can catch up with the latest features, interviews, videos, interactives and more.
— Watch the hospital-cam (Note: This link will go down briefly when anchors and reporters are live on air on CNN. We will bring it back as soon as we can.)
Blog curated by Bryony Jones and Lauren Said-Moorhouse in London.
The truth was that the link actually attempted to infect visiting computers via the Blackhole Exploit kit info an infection by the Zeus banking Trojan horse.
This isn’t, of course, the first time that the romance of Prince William and his wife has caught the interest of malware authors.
For instance, in late 2010 I wrote about how criminals had used search engine poisoning to spread scareware to computer users hunting for news of their engagement.
Here is the video I made at the time:
My guess is that it won’t be the last time that their newborn child plays a role in a malware attack either. Let’s hope, for his sake, that his parents aren’t inspired to call him Zeus.
Always be careful to check that you are getting your breaking news from legitimate news organisations. If you haven’t signed up for email alerts about a Royal Baby’s birth, you should be suspicious if you receive an email about it out of the blue!
For more information on the Royal Baby malware, see these blog entries from ThreatTrack and Kaspersky.