Remember the LinkedIn exploits and malware serving campaigns which I profiled in March, and May?

Over the past 24 hours, cybercriminals launched the most recent spam campaign impersonating LinkedIn, in an attempt to trick LinkedIn’s users into clicking on the client-side exploits and malware serving links found in the emails.

More details:

Screenshot of the spamvertised email:

Spamvertised URL: hxxp://glqzc.com/linkzane.html

Client-side exploits serving URL: hxxp://headtoheadblaster.org/main.php?page=f6857febef53e332

Client-side exploits served: CVE-2010-1885

Upon successful client-side exploitation, the campaign drops MD5: 6c59e90d9c3931c900cfd2672f64aec3 currently detected by 4 out of 41 antivirus scanners as PWS-Zbot.gen.ajm; W32/Kryptik.BRK.

Webroot SecureAnywhere users are proactively protected from this threat.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.

Blog Staff

About the Author

Blog Staff

The Webroot blog offers expert insights and analysis into the latest cybersecurity trends. Whether you’re a home or business user, we’re dedicated to giving you the awareness and knowledge needed to stay ahead of today’s cyber threats.

Share This