The Latest in IT Security

Blackhole Exploit + Rogue AV capitalizes on Steve Jobs’ passing

07
Oct
2011

Websense ThreatSeeker® Network has detected malicious email messages claiming that the late Apple founder and CEO, Steve Jobs, is still alive.  Websense Email Security and Websense Web Security protect against these blended attacks with ACE, our Advanced Classification Engine.

 

Some of the email subjects used in this attack include :

  • Steve Jobs: Not Dead Yet!
  • Steve Jobs Alive!
  • Steve Jobs Not Dead

 

Screenshot 1 : Sample Email Messages

 

The email messages contain links to compromised web sites that redirect to Blackhole Exploit Kit and install Rogue AV malware.  The malicious file used in this attack is poorly detected by AV engines.

 

Screenshot 2 : Malicious Redirect

 

Screenshot 3 : Obfuscated Exploit Code

 

As always, don't click on links in emails you didn't expect to receive, they tend to be bad news.

Leave a reply


Categories

MONDAY, DECEMBER 18, 2017

Featured

Archives

Latest Comments

Social Networks