Bogus "Your eBay funds are cleared" email leads to exploits
Posted on 01.08.2012
Following the email supposedly sent by an unsatisfied customer, eBay sellers are targeted by scammers once again.

While the first email threatened with negative feedback, this one entices with the promise of a huge amount of money supposedly made available to the recipient:

Users who click on the embedded link are taken to a page sporting the "Loading your Transaction Details…" caption, which also hosts the Blackhole exploit kit.

While the user is waiting for the transaction details to load, the kit tries to exploit an Adobe Reader and Acrobat vulnerability, as well as a Microsoft Windows Help Center flaw.

If successful, a Trojan is dropped onto the system, and phones home to a C&C server that has been used in another previously profiled spamvertised campaign.

"Based on these observations, we can easily conclude that a single cybercriminal or a gang of cybercriminals is systematically introducing undetected malicious executables and rotating the client-side exploits serving URLs, next to impersonating popular brands in an attempt to socially engineer users into interacting with these malicious emails," says Webroot's Dancho Danchev, and predicts that more spam campaigns impersonating trusted brands are sure to follow.


Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Fri, Oct 24th