Cybercriminals Exploit Boston Bombings in Malware Email Campaign
Users should be cautious when receiving emails about "breaking news" or
"exclusive videos" as additional email attacks are likely
MCLEAN, Virginia, April 18, 2013 /PRNewswire/ --
Commtouch® (NASDAQ: CTCH), a leading provider of Internet security technology
and cloud-based services, warns that cybercriminals have begun exploiting
Monday's terrorist attacks on the 2013 Boston Marathon in malware email
campaigns discovered by Commtouch's research labs. The first emails were
identified on April 16 around 6 p.m. EDT, about 27 hours after the attacks.
The emails have subject lines such as "BREAKING - Boston Marathon Explosion,"
"Explosion at Boston Marathon," "Boston Explosion Caught on Video" and "Video
of Explosion at the Boston Marathon 2013." The email body contains no text,
only a link consisting of an IP address and an HTML document named
"boston.html" or "news.html."
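The traits described above (a subject naming the Boston explosion, a body that is nothing but a link, a raw IP address as the host, and a document named boston.html or news.html) can be checked at the mail gateway. The Python below is an added example, not Commtouch's detection logic; the function names, trait names and sample messages are constructed for illustration.

```python
import ipaddress
import re
from email import message_from_string, policy
from urllib.parse import urlsplit

SUBJECT_WORDS = ("boston", "explosion")    # present in all four reported subjects
LURE_PAGES = {"boston.html", "news.html"}  # document names reported for the link
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)
TAG_RE = re.compile(r"<[^>]+>")


def lure_traits(raw):
    """Return the set of campaign traits found in one raw RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    part = msg.get_body(preferencelist=("plain", "html"))
    body = part.get_content() if part is not None else ""
    traits = set()
    subject = str(msg.get("Subject", "")).lower()
    if all(word in subject for word in SUBJECT_WORDS):
        traits.add("subject")
    urls = URL_RE.findall(body)
    # "No text but only a link": nothing remains once tags and URLs are removed.
    if urls and not URL_RE.sub("", TAG_RE.sub(" ", body)).strip():
        traits.add("link_only_body")
    for url in urls:
        try:
            parts = urlsplit(url)
            ipaddress.ip_address(parts.hostname or "")
        except ValueError:
            continue  # host is a domain name, or the URL is malformed
        traits.add("ip_host")
        if parts.path.rsplit("/", 1)[-1].lower() in LURE_PAGES:
            traits.add("lure_page")
    return traits


def is_lure(raw):
    """Flag a link-only message pointing at a raw IP, plus one campaign marker."""
    traits = lure_traits(raw)
    return {"link_only_body", "ip_host"} <= traits and bool(traits & {"subject", "lure_page"})

# Constructed samples; 192.0.2.10 is a documentation-range address.
LURE = ("From: a@example.com\nSubject: BREAKING - Boston Marathon Explosion\n\n"
        "http://192.0.2.10/boston.html\n")
BENIGN = ("From: news@example.com\nSubject: Boston Marathon explosion: what we know\n\n"
          "Full coverage at https://news.example.com/boston.html\n")

if __name__ == "__main__":
    for name, raw in (("lure", LURE), ("benign", BENIGN)):
        print(name, is_lure(raw), sorted(lure_traits(raw)))
```

The subject words and page names are specific to this campaign; the link-only body combined with an IP-literal host is the part that carries over to later lures.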
When the link is clicked, the user is directed to a Web page that contains actual
YouTube videos from the incident. However, the site contains something else as
well: an iframe leading to malicious Java code, which is activated when the
site is opened in the browser. In this way, the cybercriminals can
automatically load malware onto the user's computer without the user actually
The campaign is following a familiar pattern: cybercriminals are exploiting
the public interest in current news stories to lure unsuspecting users to
infected sites. Last month, events like the election of the new pope were used
in this way.
Commtouch warns that this is likely the first of various attempts by
cybercriminals to profit from the huge public interest in the Boston attacks.
Users are advised to be very cautious when receiving email allegedly linking
to breaking news stories or "exclusive" video. The safest option is always to
go to trusted news sites directly when looking for news reports or videos.
Commtouch and its Internet Threat Analysis Team identify threats using
Commtouch's GlobalView™ Cloud, which analyzes more than 12 billion
transactions every day at a rate of more than 138,000 a second.
Commtouch® (NASDAQ: CTCH) is a leading provider of Internet security
technology and cloud-based services for vendors and service providers,
increasing the value and profitability of our customers' solutions by
protecting billions of Internet transactions on a daily basis. With 12 global
data centers and award-winning, patented technology, Commtouch's email, Web,
and antivirus capabilities easily integrate into our customers' products and
solutions, keeping safe more than 350 million end users. To learn more, visit
Recurrent Pattern Detection, RPD, Zero-Hour and GlobalView are trademarks, and
Commtouch is a registered trademark of Commtouch. U.S. Patent No. 6,330,590 is
owned by Commtouch. All other trademarks are the property of their respective
Brian Briggs, Chief Financial Officer
Israel
Investor Relations Contact:
Commtouch Media Contact:
Zintel Public Relations