Search Results for: blackhole
Fake Twitter Confirmation Email Points to Blackhole Exploit
Yesterday, we wrote about the return of Amazon spam, and how criminals behind this campaign led users to have their software exploited via the Blackhole exploit kit, especially if they’re not properly patched. At the end of that entry, we included …
Amazon Spam is Back, Blackhole Exploit in Tow
Recently, we’ve seen an Amazon spam in the wild that looks like this: click to enlarge The sender’s name was deliberately called “Amazon.com” to make the spam appear legitimate. What gives away this particular spam, however, is that this sends to …
Fake BBC Website Serves Exploits and Work From Home Offers
In September, our friends at Sophos wrote about a fake BBC website offering up the “chance” to work from home for predictably large sums of money. No more than a day later, we were covering fake BBC video posts targeting …
VIPRE® Report for April: Be Careful When Browsing Social Networking Sites
As you may know, cybercriminals are no longer limited to Twitter and Facebook as their launchpads for spams, scams, and malware-laden site link. Tumblr and Pinterest are just some of the new social networking sites that online criminals are now …
Spam Leads to Exploits and Fake AV on Twitter
There’s been a couple of rather nasty spam runs taking place on Twitter over the last few days. Heres an example of a rogue URL being spread at the weekend: Click to Enlarge The link in question – fuuut(dot)tk, was …
Fake Linkedin Mails Lead To Cridex
Be advised that there are fake Linkedin invitation reminders in circulation sending users to a BlackHole exploit which attempts to drop Cridex onto the PC. Cridex is a rather nasty piece of work that does everything from target banks and …
VIPRE® Report for February 2012: Rogue AV Remains a Popular Threat Tactic
These past few months, the news has been all about who got hacked, what softwares’ vulnerable and should be patched, and what the latest Web threat is like, which ranges from simple spam to those deemed as advanced persistent threats …
US Securities and Exchange Commission Spam Leads to Exploit and Stealer
When one of our colleagues in Malta received an email in his GMail inbox that purports to originate from the U.S. Securities and Exchange Commission (SEC), he didn’t think twice about sending it over to the AV Labs for analysis. …
Fake AICPA Mail Serves Blackholes and Rootkits
Be wary of emails claiming to be from AICPA – as per their alert here, these are not real and any mention of “unlawful tax return fraud” is just a bait to convince the end-user to open up a malicious …
Phishers Bank on Tax Season
With the U.S. currently in tax season, online criminals have, once again, sought to take advantage of this. Robert Stetson, one of our malware researchers, spotted a phishing email posing as Intuit Inc., a company that “develops financial and tax …
