
Spam exploiting the theme of the Boston tragedy detected

Spammers actively exploit topics that dominate media headlines, and the tragedy in Boston is no exception. We recorded a spam campaign that uses the theme of this tragedy and found that it is intended to install Win32/Kelihos malicious code. Our Win32/Kelihos botnet monitoring system showed that cybercriminals redirected the botnet to send spam on this topic. Notably, the botnet was switched to this type of spam quickly: a day earlier it was sending spam on a different topic.



The messages that arrive in unsuspecting users' mailboxes look like this:


When the potential victim clicks the link, they really do land on a video viewing page, but this page also contains a malicious iframe that redirects the user to a Redkit exploit kit page.



The IFRAME marked in the screenshot above uses the Redkit exploit kit to install Win32/Kelihos malware on the user's computer.
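An added example, not part of the original post: a triage pass over a saved copy of such a landing page that lists every iframe and flags those whose host is neither the page's own nor an expected video host. The allowlist, the tiny-frame and hidden-style heuristics, and the sample HTML with its `.example` hosts are assumptions constructed for illustration; the post does not describe the iframe's attributes.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Assumption: hosts a video page is expected to embed players from.
EXPECTED_EMBED_HOSTS = {"www.youtube.com", "player.vimeo.com"}
HIDDEN_STYLE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|(?:left|top)\s*:\s*-\d{3,}", re.I)

# Constructed sample page: one ordinary video embed, one frame worth reviewing.
SAMPLE_PAGE = """<html><body>
<iframe width="640" height="360" src="https://www.youtube.com/embed/VIDEO_ID"></iframe>
<IFRAME width="1" height="1" style="visibility:hidden"
        src="http://redirector.example/landing.html"></IFRAME>
</body></html>"""
PAGE_URL = "http://video-page.example/news.html"

class IframeCollector(HTMLParser):
    """Collects the attributes of every <iframe> start tag."""
    def __init__(self):
        super().__init__()
        self.iframes = []

    def handle_starttag(self, tag, attrs):
        if tag == "iframe":  # HTMLParser lowercases tag and attribute names
            self.iframes.append({k: (v or "") for k, v in attrs})

def _tiny(value):
    """True for a width/height of 0-2 pixels, with or without a 'px' unit."""
    m = re.fullmatch(r"\s*(\d+)\s*(px)?\s*", value)
    return bool(m) and int(m.group(1)) <= 2

def triage_iframes(html, page_url, expected_hosts=EXPECTED_EMBED_HOSTS):
    """Return one finding per iframe: resolved src, host, reasons to review."""
    collector = IframeCollector()
    collector.feed(html)
    page_host = urlparse(page_url).hostname
    findings = []
    for attrs in collector.iframes:
        src = urljoin(page_url, attrs.get("src", ""))  # resolve relative src
        host = urlparse(src).hostname
        reasons = []
        if host and host != page_host and host not in expected_hosts:
            reasons.append("unexpected-host")
        if _tiny(attrs.get("width", "")) or _tiny(attrs.get("height", "")):
            reasons.append("tiny-frame")
        if HIDDEN_STYLE.search(attrs.get("style", "")):
            reasons.append("hidden-style")
        findings.append({"src": src, "host": host, "reasons": reasons})
    return findings
```

Run it only against a saved copy of the HTML, never by opening the link in a browser; a finding is a reason for an analyst to look, not a verdict.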





We are closely tracking the Kelihos botnet and blocking each new URL with our AV products. Our laboratory also promptly adds malicious objects of the Win32/Kelihos family to the anti-virus database.

Source: https://habr.com/ru/post/177139/

