Posts Tagged: Client-Side Exploits


Fake Amazon ‘Your Kindle E-Book Order’ themed emails circulating in the wild, lead to client-side exploits and malware

by

By Dancho Danchev Kindle users, watch what you click on! Cybercriminals are currently mass mailing tens of thousands of fake Amazon “You Kindle E-Book Order” themed emails in an attempt to trick Kindle users into clicking on the malicious links found in these messages. Once they do so, they’ll be automatically exposed to the client-side exploits served by the Black Hole Exploit Kit, ultimately joining the botnet operated by the cybercriminal/cybercriminals that launched the campaign. More details:

Continue Reading »

BofA ‘Online Banking Passcode Reset’ themed emails serve client-side exploits and malware

by

Cybercriminals are currently mass mailing millions of emails, in an attempt to trick Bank of America customers into clicking on the exploit and malware-serving link found in the spamvertised email. Relying on bogus “Online Banking Passcode Changed” notifications and professionally looking email templates, the campaign is the latest indication of the systematic rotation of impersonated brands in an attempt to cover as many market segments as possible. More details:

Continue Reading »

Cybercriminals impersonate Verizon Wireless, serve client-side exploits and malware

by

Verizon Wireless customers, beware! For over a week now, cybercriminals have been persistently spamvertising millions of emails impersonating the company, in an attempt to trick current and prospective customers into clicking on the client-side exploits and malware serving links found in the malicious email. Upon clicking on any of the links, users are exposed to the client-side exploits served by the latest version of the Black Hole Exploit Kit. More details:

Continue Reading »

Spamvertised ‘Fwd: Scan from a Hewlett-Packard ScanJet’ emails lead to Black Hole exploit kit

by

Over the last couple of hours, cybercriminals have started spamvertising millions of emails pretending to be coming from HP ScanJet scanner, in an attempt to trick end and and corporate users into downloading and viewing the malicious .html attachment. Upon viewing, the document loads the invisible iFrame script, ultimately redirecting the user to a landing URL courtesy of the Black Hole web malware exploitation kit. More details:

Continue Reading »

Cybercriminals impersonate AT&T’s Billing Service, serve exploits and malware

by

Cybercriminals have launched yet another massive spam campaign, this time impersonating AT&T’s Billing Center, in an attempt to trick end and corporate users into downloading a bogus Online Bill. Once gullible and socially engineered users click on any of the links found in the malicious emails, they’re automatically redirected to a Black Hole exploit kit landing URL, where they’re exposed to client-side exploits, which ultimately drop a piece of malicious software on the affected hosts. More details:

Continue Reading »

Spamvertised ‘Your UPS delivery tracking’ emails serving client-side exploits and malware

by

Cybercriminals are currently spamvertising millions of emails impersonating United Parcel Service (UPS) in an attempt to trick end and corporate users into clicking on exploits and malware serving links found in the malicious emails. What exploits are they using? How widespread is the campaign? Is it an isolated incident, or is the campaign linked to more malicious activity? More details:

Continue Reading »

Spamvertised ‘Your Paypal Ebay.com payment’ emails serving client-side exploits and malware

by

Remember the ‘Your Amazon.com order confirmation’ client-side exploits and malware serving campaign which I profiled earlier this week? It appears that the gang behind it is back with another campaign, this time impersonating PayPal. For the time being, another round consisting of millions of malicious emails is circulating in the wild, enticing end and corporate users into clicking on malicious links found in the emails. More details:

Continue Reading »

Spamvertised ‘UPS Delivery Notification’ emails serving client-side exploits and malware

by

Think you received a package? Think again. Cybercriminals are currently spamvertising millions of emails impersonating UPS (United Parcel Service) in an attempt to trick users into downloading the viewing the malicious .html attachment. More details:

Continue Reading »

‘Windstream bill’ themed emails serving client-side exploits and malware

by

Cybercriminals are currently spamvertising millions of emails impersonating the Windstream Corporation, in an attempt to trick end and corporate users into clicking on links found in the malicious email. Upon clicking on the links hosted on compromised web sites, users are exposed to client-side exploits served by the BlackHole web malware exploitation kit. More details:

Continue Reading »