Security researchers from M86 Security Labs, have intercepted a spamvertised malware campaign using bogus Facebook notifications as a social engineering element.
Spamvertised through the Cutwail botnet, the malware campaign is impersonating Facebook in an attempt to trick users into clicking on a bogus Facebook notification message. However, the HTML source of the email reveals a link to a malicious iFrame leading to the BlackHole web malware exploitation kit. Upon clicking on the link, the exploit kit will check for remotely exploitable client-side applications and browser plugins, and serve the malware.
Read full article: http://bit.ly/nKrKgF
No comments:
Post a Comment