Buy now and install on all your devices from one easy email. X

Spam Impersonating LinkedIn

Remember the LinkedIn exploits and malware serving campaigns which I profiled in March, and May?

Over the past 24 hours, cybercriminals launched the most recent spam campaign impersonating LinkedIn, in an attempt to trick LinkedIn's users into clicking on the client-side exploits and malware serving links found in the emails.

More details:

Screenshot of the spamvertised email:

LinkedIn Spam email message

Spamvertised URL: hxxp://glqzc.com/linkzane.html

Client-side exploits serving URL: hxxp://headtoheadblaster.org/main.php?page=f6857febef53e332

Client-side exploits served: CVE-2010-1885

Upon successful client-side exploitation, the campaign drops MD5: 6c59e90d9c3931c900cfd2672f64aec3 currently detected by 4 out of 41 antivirus scanners as PWS-Zbot.gen.ajm; W32/Kryptik.BRK.

Webroot SecureAnywhere users are proactively protected from this threat.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on Twitter.

DISCUSS IT HERE

Past Newsletters

2014 Newsletters
March Newsletter
June Newsletter
2013 Newsletters
October Newsletter
July Newsletter
April Newsletter
January Newsletter
2012 Newsletters
December Newsletter
November Newsletter
October Newsletter
September Newsletter
August Newsletter
July Newsletter
June Newsletter
May Newsletter
April Newsletter
March Newsletter
February Newsletter
January Newsletter
2011 Newsletters
December Newsletter
November Newsletter
October Newsletter
September Newsletter
August Newsletter
July Newsletter
June Newsletter