Spammed-out Japanese Tsunami video links lead to malware attack

Experts at SophosLabs have intercepted a malware campaign that has been spammed out to users across the globe, posing as links to videos about the Japanese Tsunami.

Examples caught in Sophos’s network of spamtraps have used various different wording for the video links, including: “VIDEO: The village that escaped the tsunami”, “VIDEO: Struggle for normal life in Japan”, “VIDEO: Woman talks about tsunami escape”, and “Japan tsunami touches New Zealand”.

Other malicious emails related to Japanese Tsunami

Fortunately the emails are pretty amateurishly assembled, as you can see in the following example, but such is the public’s interest in watching the news from Japan that some may be temped into clicking on the links out of curiousity.

Sign up to our free newsletter.
Security news, advice, and tips.

Japanese Tsunami malware email

The webpages linked to from the emails contains malicious Javascript (detected by Sophos as Troj/JSAgent-P) and a Java Applet (detected as Troj/JavaDl-BL) which attempt to exploit the CVE-2010-0840 vulnerability in the Java Runtime Environment.

Although the above emails may look a little suspicious because of their unprofessional layout, we have also seen some of the dangerous links emailed out as though they were Twitter notifications.

Japanese Tsunami-related malware attack posing as a Twitter notification

Our advice remains the same – keep your anti-virus software up-to-date, install the latest security patches, and if you’re looking for news about the disaster in Japan, go to the legitimate news websites.

Scammers and cybercriminals feast upon natural disasters such as the earthquake and tsunami in Japan in their desire to make money and infect computers.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.