Obsessed with technology?
Subscribe to the latest tech news as well as exciting promotions from us and our partners!
By subscribing, you indicate that you have read & understood the SPH's Privacy Policy and PDPA Statement.
News Categories

Flight MH370 News Exploited by Cybercriminals, Online Threats Circulating

By Joy Hou - on 18 Mar 2014, 6:20pm

Flight MH370 News Exploited by Cybercriminals, Online Threats Circulating

Since its disappearance on 8th March, Malaysian Airlines MH370 has been subject to much online buzz. Several theories related to the flight’s disappearance have already risen, making any tidbit of information enticing to anyone interested. As with the Boston marathon and Typhoon Haiyan incidents, cybercriminals have not hesitated to use hot topics to trick unsuspecting victims in their schemes.

Trend Micro reported that last Friday, 14th March, scammers exploited the news of flight MH370 to encourage Facebook users to hit a malicious link, which was labeled “[BREAKING NEWS] Malaysia Plane Crash into Vietnam sea MH370 Malaysia Airlines is FOUND!”

Users were prompted to share the video before they could watch the embedded video.

Once clicked, a spoofed Facebook loads, with a "ready-to-play" video. Clicking anywhere on this page will take you to another spoofed page. If the user clicks again, he/she will be prompted to share the link so he/she can see the video. Obviously, sharing the video will help cybercriminals spread their malicious link to other users. But that's not all. After sharing, the poor user will be asked to verify his/her age by completing a supposed "test", which is actually another survey scam.

About 32% of the clicks came from NABU (North America region), while 41% were from APAC. The spoofed site has since been taken down.

TrendLabs had also discovered an executable file, named "Malaysian Airlines MH370 5m Video.exe". It has been detected as BKDR_ANDROM.WRPX. Cybercriminals made the file look like a video to lure users to open it. Once downloaded, the backdoor downloads additional files as well as collects information such as the user’s IP address.

Trend Micro is advising users to stay alert, and exercise caution before clicking on any shared links.