Posts Tagged: malware


Cybercriminals spamvertise bogus greeting cards, serve exploits and malware

by

Think you’ve received an online greeting card from 123greetings.com? Think twice! Over the past couple of days, cybercriminals have spamvertised millions of emails impersonating the popular e-card service 123greetings.com in an attempt to trick end and corporate users into clicking on client-side exploits and malware serving links, courtesy of the Black Hole web malware exploitation kit. What’s so special about this campaign? Can we connect it to previously spamvertised campaigns profiled at Webroot’s Threat Blog? Let’s find out. More details:

Continue Reading »

French Android Users Hit again by SMS Trojan

by

Earlier this year, the SMS Trojan Foncy was discovered targeting French-speaking Android Users. Now, we’ve come across a new Trojan targeting them using a similar SMS scam.  The app pretends to be an app called BlackMart Alpha, which is already a little shady since it’s used to download apps that may otherwise cost money. This app is not found on Google Play and is not malicious in itself, but the fact that you can’t get it in the Google Play store makes it a prefect target for malware developers to make fake versions of it. Webroot detects this Trojan as […]

Continue Reading »

IRS themed spam campaign leads to Black Hole exploit kit

by

Recently, cybercriminals launched yet another massive spam campaign, this time impersonating the Internal Revenue Service (IRS) in an attempt to trick tax payers into clicking on a link pointing to a bogus Microsoft Word Document. Once the user clicks on it, they are redirected to a Black Hole exploit kit landing URL, where they’re exposed to the client-side exploits served by the kit. More details:

Continue Reading »

Cybercriminals impersonate AT&T’s Billing Service, serve exploits and malware

by

Cybercriminals have launched yet another massive spam campaign, this time impersonating AT&T’s Billing Center, in an attempt to trick end and corporate users into downloading a bogus Online Bill. Once gullible and socially engineered users click on any of the links found in the malicious emails, they’re automatically redirected to a Black Hole exploit kit landing URL, where they’re exposed to client-side exploits, which ultimately drop a piece of malicious software on the affected hosts. More details:

Continue Reading »

Spamvertised ‘PayPal has sent you a bank transfer’ themed emails lead to Black Hole exploit kit

by

Sticking to their well proven social engineering tactics consisting of systematic rotation of the abused brands, cybercriminals are currently spamvertising millions of emails impersonating PayPal, in an attempt to trick end and corporate users into interacting with the malicious campaign. Once the interaction takes place, users are exposed to the client-side exploits served by the Black Hole exploit kit, currently the market share leader within the cybercrime ecosystem. More details:

Continue Reading »

Spamvertised ‘Your Ebay funds are cleared’ themed emails lead to Black Hole exploit kit

by

Cybercriminals are currently mass mailing millions of emails impersonating eBay and PayPal in an attempt to trick end and corporate users into clicking on the malicious links found in the emails. Upon clicking on any of them, user are exposed to the client-side exploits served by the Black Hole exploit kit. More details:

Continue Reading »

Cybercriminals target Twitter, spread thousands of exploits and malware serving tweets

by

Twitter users, beware! Over the past several days, cybercriminals have been persistently spamvertising thousands of exploits and malware serving links across the most popular micro blogging service. Upon clicking on the clicks, users are exposed to the exploits served by the Black Hole web malware exploitation kit. What’s so special about this campaign? What’s the detection rate of the malware it drops? Where does it phone back once it’s executed? Have we seen additional malware phone back to the same command and control servers, indication a connection between these campaigns? Let’s find out. More details:

Continue Reading »

Spamvertised ‘Download your USPS Label’ themed emails serve malware

by

Cybercriminals are currently spamvertising millions of emails impersonating the United States Postal Service (USPS), in an attempt to trick end and corporate users into downloading and unpacking the malicious .zip attachment distributed by them. What’s so special about this campaign? Where is the malicious sample phoning back to? Are there more malware samples that also phoned back to the same command control servers in the past? Let’s find out. More details:

Continue Reading »