Cisco recently released a short study on the internet schemers, saying that as soon as 6 pm on April 16th, "the first of two botnets began a massive spam campaign to take advantage of the recent Boston tragedy."
Matthew J. Schwartz of Information Week reported that Internet opportunists registered 125 suspect domain names on Monday, which then turned into 234 by Tuesday.
"Some of these are just parked domains, some are squatters who are keeping the domains from bad people. A couple are soliciting donations (one is soliciting bitcoins, oddly enough)," reported John Bambenek at Internet Storm Center. "So far, there has been no reports of any spam related to this but there have been a few fake twitter accounts which are fairly quickly getting squashed."
In a strange twist, spammers chose CNN, the same network that later botched reporting of the FBI investigation, as their front to bait users.
The emails used a CNN header, subject lines like "Boston bombing caught on video," and contained links to pages which would auto-drop malicious software on the user's computer.
As we've covered before in the past,
In fact, following the Mandiant report which unmasked China's elite hacking unit, an exploit from that same unit was circulating the web as a link to the same report which outed them.
Experts analyzing the Boston hacks uniformly agree that in click-baity cases such as bombings and bombshell reports, it's important to exercise caution before opening up seemingly routine emails.