Posts Tagged: Black Hole Exploit Kit


Cybercriminals spamvertise bogus ‘Microsoft License Orders’ serve client-side exploits and malware

by

Cybercriminals are currently mass mailing millions of emails impersonating Microsoft Corporation in an attempt to trick users into clicking on a link in a bogus ‘License Order” confirmation email. Upon clicking on the link, users are exposed to the client-side exploits served by the latest version of the Black Hole Exploit Kit. More details:

Continue Reading »

‘Copies of Missing EPLI Policies’ themed emails lead to Black Hole Exploit Kit

by

Attempting to achieve a higher click-through rate for their exploits and malware serving malicious campaign, cybercriminals are currently spamvertising millions of emails attempting to trick users into thinking they’ve become part of a private conversation about missing EPLI policies. In reality, clicking on any of the links in the oddly formulated email will expose them to the client-side exploits served by the latest version of the Black Hole Exploit Kit. More details:

Continue Reading »

Bogus Better Business Bureau themed notifications serve client-side exploits and malware

by

Cybercriminals are currently spamvertising millions of emails impersonating the Better Business Bureau (BBB), in an attempt to trick users into clicking on a link to a non-existent report. Upon clicking on the link, users are exposed to the client-side exploits served by the latest version of the Black Hole Exploit Kit. More details:

Continue Reading »

‘PayPal Account Modified’ themed emails lead to Black Hole Exploit Kit

by

A cybercriminal/group of cybercriminals that’s been responsible for a series of malware attacks that I’ve been recently profiling, continues to systematically rotate the impersonated brands and the actual malicious payload dropped by the market leading Black Hole Exploit Kit. The prospective target of their latest campaign? PayPal users. More details:

Continue Reading »

‘American Express Alert: Your Transaction is Aborted’ themed emails serve client-side exploits and malware

by

American Express cardholders, beware! Over the past week, cybercriminals mass mailed millions of emails impersonating American Express, in an attempt to trick its customers into clicking on the malicious links found in the emails. Upon clicking on any of the links, users are redirected to a malicious URL serving cllient-side exploits courtesy of the Black Hole Exploit Kit. More details:

Continue Reading »

‘Payroll Account Holded by Intuit’ themed emails lead to Black Hole Exploit Kit

by

Intuit users, beware! Cybercriminals are currently mass mailing millions of emails impersonating Intuit’s Direct Deposit Service, in an attempt to trick its users into clicking on the malicious links found in the legitimate-looking emails. Upon clicking on any of them, users are exposed to the client-side exploits served by the latest version of the Black Hole Exploit Kit. More details:

Continue Reading »

‘Your Discover Card Services Blockaded’ themed emails serve client-side exploits and malware

by

Cybercriminals are currently spamvertising millions of emails impersonating Discover, in an attempt to trick cardholders into clicking on the client-side exploits serving URLs found in the malicious emails. Upon clicking on the links, users are exposed to the client-side exploits served by the latest version of the Black Hole Exploit Kit. More details:

Continue Reading »

‘Fwd: Scan from a Xerox W. Pro’ themed emails lead to Black Hole Exploit Kit

by

On a periodic basis, malicious cybercriminals spamvertise millions of emails attempting to trick end users into thinking that they’ve received a scanned document. Upon clicking on the links found in these emails, or viewing the malicious .html attachment, users are automatically exposed to the client-side exploits served by the latest version of the Black Hole Exploit Kit. In this post, I will profile two currently circulating malicious campaigns. The first is mimicking a Xerox Pro printer, and the second is claiming to be a legitimate Wire Transfer. Both of these campaigns point to the same client-side exploits serving URL, indicating […]

Continue Reading »

‘ADP Immediate Notification’ themed emails lead to Black Hole Exploit Kit

by

Newsflash, the cybercriminals behind the recently profiled malicious campaign impersonating Bank of America, launched yet another massive spam campaign, this time targeting ADP customers. Upon clicking on the link found in the malicious email, users are exposed to the client-side exploits served by the latest version of the Black Hole Exploit Kit. More details:

Continue Reading »

BofA ‘Online Banking Passcode Reset’ themed emails serve client-side exploits and malware

by

Cybercriminals are currently mass mailing millions of emails, in an attempt to trick Bank of America customers into clicking on the exploit and malware-serving link found in the spamvertised email. Relying on bogus “Online Banking Passcode Changed” notifications and professionally looking email templates, the campaign is the latest indication of the systematic rotation of impersonated brands in an attempt to cover as many market segments as possible. More details:

Continue Reading »