Spanish train disaster exploited by sick malware authors

Train derailmentI warned in my last article about the CNN Breaking News malware attacks, that are exploiting news stories about the royal baby and other topics, but the latest incarnation of this internet attack really sends a chill down the spine.

Spam messages have been sent out about the horrific inter-city train derailment, near Santiago de Compostela in in the North West of Spain, claiming to be a breaking news report from CNN.

Here’s what the messages can look like, with content clearly lifted from a real CNN online report:

Spanish train disaster - malicious email

Sign up to our free newsletter.
Security news, advice, and tips.

The text of the message reads as follows:

77 dead after train derails, splits apart in Spain
By Al Goodman, Elwyn Lopez, Catherine E. Shoichet, CNN July 25, 2013 -- Updated 0939 GMT (1739 HKT)
iReporter: 'It was a horrific scene'
STORY HIGHLIGHTS

NEW: Train driver told police he entered the bend too fast, public broadcaster reports
NEW: Regional governor declares 7 days of mourning for the victims, broadcaster says
Witness: "The train was broken in half. ... It was quite shocking"
77 people are dead, more bodies may be found, regional judicial official says

Madrid (CNN) -- An express train derailed as it hurtled around a curve in northwestern Spain on Wednesday, killing at least 77 people and injuring more than 100, officials said.� Full Story >>>>

If you click on the links, you run the risk of your computer becoming infected by a malicious Trojan horse which could steal your passwords.

I realise that in all likelihood this current spate of attacks are just automatically scooping up hot stories from CNN's website, and using them in their attacks - but still... whoever is behind this campaign clearly has no feelings towards the relatives and loved ones of the scores of people who were either killed or seriously injured in the accident.

If you build a system which hoovers up breaking news stories, and uses them as a means to infect the innocent there's no two ways about it - you are sick in the head.

More details can be found on Dynamoo's blog.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.