Major events, especially tragic ones, are usually followed with people asking the question, “Why did this happen?” Such events affect a lot of people in different ways, and that it is hard for us to dismiss that there is no valid reason as to why they occurred.
The September 11 terrorist attack on the United States is a clear example of this situation, as up until today — more than 8 years after the event has occurred — people are still searching for clear, justifiable explanation. Attempts to provide one only brought more confusion than clarity, as the numerous theories presented to the public only raised more questions that give answers.
And it seems that this is what the cybercriminals had in mind when they launched an attack that specifically plays on people’s desire to know what led to 9/11. Senior Threats Researcher Paul Ferguson found a spammed email message that claims to contain data on the 9/11 U.S. Pentagon conspiracies theories.
The message is fashioned to appear to be from CNN:
Clicking the link on the message leads to the file hunt_the_boeing.hta, which is detected by Trend Micro as VBS_PSYME.DMB. VBS_PSYME.DMB connects to a certain URL to download possibly malicious files.
Though the final payload of this attack is yet to be determined, users are strongly advised to go against their natural tendency to be curious and not click on the link must they receive the said email. Trend Micro protects users from this spam run with its Trend Micro Smart Protection Network that blocks and detects the malicious file.