With the election and ushering in of Pope Francis hackers have taken to the web to initiate Pope-themed spam attacks, which lead to the spread of flagrant malware.
Vatican City has been at the forefront of just about every popular media outlet spewing details and insider information from the time that Benedict XVI announced his resignation, to the election of Pope Francis. There is no doubt that the new Pope is a major headliner and hackers are taking advantage of the circumstances, just as they always do when a hot news story hits the media. In some recent events, those with too much time on their hands have created fake Pope Twitter account.
What the latest news events surrounding the election of Pope Francis allows hackers to do is to cast a billow of clouds over potential victims of new malware campaigns. These new campaigns have been identified several different spam messages with subject lines related to the new Pope reading like the following:
- Opinion: Can New-Pope Benedict be Sued for the Sex Abuse Cases? – [REMOVED site url]
- Opinion: New Pope, Vatican officials sued over alleged sexual abuse! – [REMOVED site url]
- Opinion: New Pope Sued For Not Wearing Seat Belt In Popemobile …
Naturally, as with any curious person, you would want to open emails with a subject line like the ones above right? As it turns out, the spam messages with the subject links listed above are known to redirect computer users to a compromised website hosting a nasty payload. This payload consists of the Blackhole Exploit Kit, a menacing toolkit used by hackers to perform many malicious actions such as siphon banking account data, remotely control infected systems and avoid detection through stealth techniques.
The spam campaign taking advantage of current Pope news and events is quite aggressive and has been known to contain links throughout the body of the spam message. Part of the spam messages, from what we have seen thus far, claims to have a link to full stories related to recent events surrounding the new Pope, as well as links to forward or save the link (story).
Hackers commonly abuse the popularity of a figure or a popularized news story to increase their chances of a successful attack or malware campaign. Computer users are urged to utilize caution when reading email messages claiming to be related to a popular news story or event.