Why events that get massive media coverage are a boon for malware writers.

Around 2:50 PM EDT today, two bombs were detonated in Boston on Boylston Street near Copley Square, just before the finish line of the 2013 Boston Marathon. The bombs killed at least 2 people and injured at least 134. Before I get started with this post, I would like to extend my deepest condolences to those affected by this act of terrorism. And I almost did not post this, because I do not think you deserve to go through the pain of discovering how malware writers are making money off of an event that caused you pain, physical or emotional. But the population at large deserves to know.

So, how do malware writers capitalize on events like these? The most destructive of ways is SEO poisoning, which is a method of cheating search engines so that infected websites end up at the top of the results. In this case, you could search for "Boston Marathon bombing" and you naturally click on one of the first results you see. From a search engine, these infected websites can do such things as redirect you to a website that claims that your computer is infected. If you are a fan of my blog, you no doubt notice that this is a classic method that rogue antivirus programs use to scare you. But this is just one example, the infected website could also download malware of all kinds to your computer without your knowledge.

A less destructive method used is by email. Malware writers send out mass emails either using an email account that the email originated from, or from a hijacked email account. So you can get an email from your friend in your inbox about the bombing that would have malware right in the message, or the malware could be in a fake "document" that supposedly contains information about it. One possible scenario is that the email could contain information about a fictitious "forth bomb."

Once again, I would like to extend my deepest condolences to those affected by this tragic event.