Malware delivered to users in Brazil and Venezuela

Jun 27, 2015 08:21 GMT

Major news has always been picked up by cybercriminals as a lure for malicious operations, and the recent death of Brazilian musician Cristiano Araújo is no exception: it is currently being leveraged to distribute a well-known banking malware.

The Brazilian star, aged 29, lost his life in a car accident a few days ago when the speeding vehicle, returning from a concert, flipped over. His girlfriend died at the scene, while he was rushed to the hospital and declared dead after doctors spent more than an hour trying to revive him following a cardiac arrest.

Banking malware stored in Google Drive

Following the tragic news, Symantec’s sensors observed malicious emails promising footage of the accident being sent to users in Brazil and Venezuela. The message simply advertises links for downloading the video in AVI or MP4 format.

The URLs point to files stored in Google Drive, which are actually samples of the Bancos malware dropper. The dropper downloads and installs a banking Trojan of the same name, identified by Symantec as Infostealer.Bancos.

The malware is common in Latin America, and its variants go as far back as 2009. Once it infects a machine, it starts collecting confidential banking information and sends it to the cybercriminals.

Crooks can use other means to lure victims

“Symantec advises users to be cautious when it comes to emails crafted around popular news stories such as the one discussed in this blog as they may be malicious. This type of social engineering is not limited to email and users should also be careful on social media sites as similar tactics can also be used,” the security company warns.

Users should be suspicious of unsolicited emails coming from unknown sources, especially when they claim to offer details of an incident that has been widely publicized.