Spammed-out Japanese Tsunami video links lead to malware attack

Experts at SophosLabs have intercepted a malware campaign that has been spammed out to users across the globe, posing as links to videos about the Japanese Tsunami.

Examples caught in Sophos’s network of spamtraps have used various different wording for the video links, including: “VIDEO: The village that escaped the tsunami”, “VIDEO: Struggle for normal life in Japan”, “VIDEO: Woman talks about tsunami escape”, and “Japan tsunami touches New Zealand”.

Fortunately the emails are pretty amateurishly assembled, as you can see in the following example, but such is the public’s interest in watching the news from Japan that some may be temped into clicking on the links out of curiousity.

The webpages linked to from the emails contains malicious Javascript (detected by Sophos as Troj/JSAgent-P)…

Read more in my article on the Naked Security website.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley •   @gcluley

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Bluesky, or drop him an email.