We’ve been tracking and informing customers about current Black Hole Exploit Kit Spam Run activity and noted that spammers have been changing their methods to better achieve their goals. The most recent development is the aggressive turn in tactics used in these spam runs, which makes it easier for infection to occur. With the latest technique used by spammers, users only need to open the email and connection to the URL where malware downloaded is automated.
New Techniques to Increase Probability of Infection
These emails are different than previous spam as users are no longer required to click a URL before proceeding to a malicious website. A reliance on users to fall for social engineering schemes has been discarded in this campaign in favor of automated connection to malicious websites for infection. Once the email is opened, connection is made to a compromised website that redirects to another compromised website, and finally to the malicious website.
Sample of Latest Turn – No Click, Automated Connection to Malicious Site
The following is a sample of this new type of Black Hole Exploit Kit spam:
Leave a reply