Heads up everyone! There is a malware attack being spammed out posing as an email about "Your photos".
A malware attack has been spammed out widely via email to internet users, posing as a message about photos.
In the attack, cybercriminals attempt to trick unsuspecting users into opening an attached file in their browser, redirecting them to a webpage hosted on a Russian website that takes advantage of the Blackhole exploit kit.
The notorious Blackhole exploit kit then attempts to infect visiting computers through a wide number of vulnerabilities.
Here's a typical message that has been spammed out - in this case, pretending to come from a LinkedIn user:
Subject: Your PhotosMessage body:
Hi,
I have attached your photos to the mail (Open with Internet Explorer)
The attached file has a name of Image_DIG[random number].htm. If you make the mistake of opening the file attachment in your web browser you will see a "please wait" message:
Please wait a moment. You will be forwarded..Internet Explorer or Mozilla Firefox compatible only
Sophos detects this HTML file proactively as Mal/JSRedir-M. What isn't obvious to most computer users is that behind-the-scenes obfuscated JavaScript code is redirecting the user's browser to a Blackhole exploit site.
More and more of the attacks that the folks at SophosLabs are intercepting involve the Blackhole exploit kit, underlining the importance of keeping your computer's anti-virus software and software patches up-to-date as well as learning to exercise caution about opening unsolicited attachments or clicking on unknown links.
No comments:
Post a Comment