Bogus "Your eBay funds are cleared" email leads to exploits
Posted on 01.08.2012
Following the email supposedly sent by an unsatisfied customer, eBay sellers are targeted by scammers once again.

While the first email threatened with negative feedback, this one entices with the promise of a huge amount of money supposedly made available to the recipient:


Users who click on the embedded link are taken to a page sporting the "Loading your Transaction Details…" caption, which also hosts the Blackhole exploit kit.

While the user is waiting for the transaction details to load, the kit tries to exploit an Adobe Reader and Acrobat vulnerability, as well as a Microsoft Windows Help Center flaw.

If successful, a Trojan is dropped onto the system, and phones home to a C&C server that has been used in another previously profiled spamvertised campaign.

"Based on these observations, we can easily conclude that a single cybercriminal or a gang of cybercriminals is systematically introducing undetected malicious executables and rotating the client-side exploits serving URLs, next to impersonating popular brands in an attempt to socially engineer users into interacting with these malicious emails," says Webroot's Dancho Danchev, and predicts that more spam campaigns impersonating trusted brands are sure to follow.






Spotlight

How security analytics help identify and manage breaches

Posted on 30 July 2014.  |  Steve Dodson, CTO at Prelert, illustrates the importance of security analytics in today's complex security architectures, talks about the most significant challenges involved in getting usable information from massive data sets, and much more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Jul 31st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //