04 September 2011

Spamvertised 'Facebook notification' leads to exploits and malware | #cutwail #botnet #spam

Security researchers from M86 Security Labs, have intercepted a spamvertised malware campaign using bogus Facebook notifications as a social engineering element.

Spamvertised through the Cutwail botnet, the malware campaign is impersonating Facebook in an attempt to trick users into clicking on a bogus Facebook notification message. However, the HTML source of the email reveals a link to a malicious iFrame leading to the BlackHole web malware exploitation kit. Upon clicking on the link, the exploit kit will check for remotely exploitable client-side applications and browser plugins, and serve the malware.

Read full article: http://bit.ly/nKrKgF

No comments: