Posts Tagged: Exploits


‘Your Discover Card Services Blockaded’ themed emails serve client-side exploits and malware

by

Cybercriminals are currently spamvertising millions of emails impersonating Discover, in an attempt to trick cardholders into clicking on the client-side exploits serving URLs found in the malicious emails. Upon clicking on the links, users are exposed to the client-side exploits served by the latest version of the Black Hole Exploit Kit. More details:

Continue Reading »

‘Fwd: Scan from a Xerox W. Pro’ themed emails lead to Black Hole Exploit Kit

by

On a periodic basis, malicious cybercriminals spamvertise millions of emails attempting to trick end users into thinking that they’ve received a scanned document. Upon clicking on the links found in these emails, or viewing the malicious .html attachment, users are automatically exposed to the client-side exploits served by the latest version of the Black Hole Exploit Kit. In this post, I will profile two currently circulating malicious campaigns. The first is mimicking a Xerox Pro printer, and the second is claiming to be a legitimate Wire Transfer. Both of these campaigns point to the same client-side exploits serving URL, indicating […]

Continue Reading »

‘ADP Immediate Notification’ themed emails lead to Black Hole Exploit Kit

by

Newsflash, the cybercriminals behind the recently profiled malicious campaign impersonating Bank of America, launched yet another massive spam campaign, this time targeting ADP customers. Upon clicking on the link found in the malicious email, users are exposed to the client-side exploits served by the latest version of the Black Hole Exploit Kit. More details:

Continue Reading »

BofA ‘Online Banking Passcode Reset’ themed emails serve client-side exploits and malware

by

Cybercriminals are currently mass mailing millions of emails, in an attempt to trick Bank of America customers into clicking on the exploit and malware-serving link found in the spamvertised email. Relying on bogus “Online Banking Passcode Changed” notifications and professionally looking email templates, the campaign is the latest indication of the systematic rotation of impersonated brands in an attempt to cover as many market segments as possible. More details:

Continue Reading »

Cybercriminals impersonate Verizon Wireless, serve client-side exploits and malware

by

Verizon Wireless customers, beware! For over a week now, cybercriminals have been persistently spamvertising millions of emails impersonating the company, in an attempt to trick current and prospective customers into clicking on the client-side exploits and malware serving links found in the malicious email. Upon clicking on any of the links, users are exposed to the client-side exploits served by the latest version of the Black Hole Exploit Kit. More details:

Continue Reading »

American Airlines themed emails lead to the Black Hole Exploit Kit

by

Over the past 24 hours, cybercriminals launched yet another massive spam campaign, this time impersonating American Airlines in an attempt to trick its customers into clicking on a malicious link found in the mail. Upon clicking on the link, users are exposed to the client-side exploits served by the Black Hole Exploit Kit v2.0 More details:

Continue Reading »

Cybercriminals impersonate FDIC, serve client-side exploits and malware

by

Over the past 24 hours, cybercriminals started spamvertising millions of emails impersonating the Federal Deposit Insurance Corporation (FDIC), in an attempt to trick businesses into installing a bogus and non-existent security tool promoted in the emails. Upon clicking on the links, users are exposed to the client-side exploits served by the Black Hole Exploit Kit. More details:

Continue Reading »

Spamvertised ‘US Airways reservation confirmation’ themed emails serve exploits and malware

by

Cybercriminals are currently spamvertising millions of emails impersonating U.S Airways, in an attempt to trick users into clicking on the malicious links found in the legitimately looking emails. Let’s dissect the malicious campaign, and expose its dynamics. More details:

Continue Reading »

Spamvertised ‘Your Fedex invoice is ready to be paid now’ themed emails lead to Black Hole Exploit kit

by

Over the past 24 hours, cybercriminals have launched yet another massive spam run, this time impersonating FedEx in an attempt to trick its customers into clicking on a malware and exploits-serving URL found in the malicious email. More details:

Continue Reading »

Cybercriminals impersonate Intuit Market, mass mail millions of exploits and malware serving emails

by

Over the past 24 hours, cybercriminals have spamvertised millions of emails impersonating Intuit Market, in an attempt to trick end and corporate users into clicking on the malicious links found in the emails. Upon clicking on them, users are exposed to the client-side exploits served by the Black Hole web malware exploitation kit. More details:

Continue Reading »