Browse archive

Latest news

APT1 is back, attacks many of the initial U.S. corporate targets

Aurora attackers were looking for Google's surveillance database

U.S. DOJ accuses journalist of espionage

A closer look at Mega cloud storage

CISOs need to engage with the board

Wi-Fi client security weaknesses still prevalent

"NATO vacancies" phishing email also leads to malware

Find TrueCrypt and BitLocker encrypted containers and images

Sourcefire goes beyond the sandbox

The CSO perspective on healthcare security and compliance

Jailed hacker designs device to thwart ATM card skimming

U.S. Congress has questions about Google Glass and privacy

Over 45% of IT pros snitch on their colleagues

Hacking charge stations for electric cars

Fake Amazon Kindle receipt leads to persistent malware

Posted on 05.02.2013

Amazon customers buying e-books for their Kindle or other mobile devices should be careful with emails that seemingly containing receipts for their purchases, warns Webroot, as malware peddlers have once again started a spam campaign impersonating the e-commerce giant:

I doubt that the attackers have managed to compromise an Amazon database and exfiltrate user information such as name and billing address (if they had, we would have heard about it by now), so the bogus and random information contained in the "receipt" could trick some users into following the offered links to their accounts in order to discover how the mistake happened.

Those who do will land on compromised pages hosting the Blackhole exploit kit, and upon successful client-side exploitation, will be infected with a variant of the Kryptik Trojan.

The Trojan in question infects local and network Windows platform computers, hides running processes, prevents AV software to be updated and work as it should, and is in general a very persistent piece of malware.

Once again, users are advised never to follow links contained in unsolicited emails and to check and access their online accounts via the legitimate login page.