![]() javascript will then -redirect- the user to one of these two IP addresses:īoth IP addresses yield heavily obfuscated javascript. Last Updated: - "We have come to expect quality phishing/fake email work these days. an analysis of this file can also be found on VirusTotal**."įile name: 9c5abf8889c34b3a36c6699b40ef6717c95ac6e1Īnother round of "Spot the Exploit E-Mail" Once the victim has clicked the link, they are redirected to an obfuscated page hosting the Blackhole Exploit Kit. intercepted over 10,000 malicious emails with the subject ‘You Order With ’ enticing the recipient to ‘click here’ to verify a fictitious order as shown in this sample: Oracle have released an out-of-band patch for this Java vulnerability (Oracle release Java 1.7.0_07 to fix CVE-2012-4681*). ![]() If successful, this exploit could allow the cyber-criminals behind this campaign to deliver further malicious payloads to the victim’s machine which, for example, could lead to the exfiltration of personal and financial data. has detected a new malicious email campaign purporting to be an order verification email from Amazon directing victims to a page containing the recent Java exploit. Fake ‘Amazon order’ email exploits recent Java vuln.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |