Criminals are hijacking the news cycle surrounding Malaysia Airlines Flight 370, using it to promote scam surveys and steal personal information via malware. Researchers at Trend Micro have been tracking a series of scams that originated on Facebook and though email, which use the tragedy and mystery surrounding Flight MH370. Flight MH370 is the Malaysia Airlines Boeing 777 that went missing earlier this month, as a hook. Investigators are still looking for clues, and the investigation has taken several twists and turns, fueling the public’s craving for information. “As more countries join in the search for the missing Malaysia Airlines Flight 370, we are seeing cybercriminals use this highly talked-about topic to unleash different online threats,” commented Rika Joi Gregorio on the TrendLabs blog. One of the scams centers on a fake video and is thought to have originated via email. According to the email, the video is a five-minute clip about the flight, offering new information. However, users who attempt to access the attachment are infected with a generic Trojan, which opens a backdoor onto their systems. As is the case with all such malware, the attacker is granted full remote access to the compromised system, including the ability to run programs, download files, and data collection. However, this Trojan is a different. “There is one unusual aspect to this backdoor. Its command-and-control (C&C) server at www-dpmc-dynssl-com (replace dashes with dots) was noted by other security researchers in October of last year as being related to a targeted attack. It is unusual for a targeted attack to share the same infrastructure as a more ‘conventional’ cybercrime campaign, yet that appears to be the case here. We currently have no information that this particular backdoor is being used in targeted attacks.” Details on the aforementioned targeted attack are available via FireEye. On Facebook, the mystery of Flight MH370 is being used to promote junk surveys, which do nothing but make the scammer money, and place personal information at risk. A similar scam mimics YouTube, promising additional videos and news. “Current events and news updates have become go-to social engineering bait of cybercriminals. This has become an unfortunately frequent occurrence – events like the Tohoku earthquake, Boston marathon and Typhoon Haiyan were all abused to spread various threats.” Related content news Gwinnett Medical Center investigating possible data breach After being contacted by Salted Hash, Gwinnett Medical Center has confirmed they're investigating a security incident By Steve Ragan Oct 02, 2018 6 mins Regulation Data Breach Hacking news Facebook: 30 million accounts impacted by security flaw (updated) In a blog post, Facebook’s VP of product management Guy Rosen said the attackers exploited a flaw in the website's 'View As' function By Steve Ragan Sep 28, 2018 4 mins Data Breach Security news Scammers pose as CNN's Wolf Blitzer, target security professionals Did they really think this would work? By Steve Ragan Sep 04, 2018 2 mins Phishing Social Engineering Security news Congress pushes MITRE to fix CVE program, suggests regular reviews and stable funding After a year of investigation into the Common Vulnerabilities and Exposures (CVE) program, the Energy and Commerce Committee has some suggestions as to how it can be improved By Steve Ragan Aug 27, 2018 3 mins Vulnerabilities Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe