The Latest in IT Security

LinkedIn spam / 199.115.229.55

26
Apr
2012

This LinkedIn spam leads to malware on 199.115.229.55 after bouncing through a couple of legitimate hacked sites, a technique that we haven’t seen for a couple of weeks.

Subject:     Signal LinkedIn Mail

LinkedIn
REMINDERS

Invitation reminders:
•  From Scott Burwell (Product Director at SNCF)

PENDING MESSAGES

• There are a total of 44 messages awaiting your response. Visit your InBox now.

Don’t want to receive email notifications? Adjust your message settings.

LinkedIn values your privacy. At no time has LinkedIn made your email address available to any other LinkedIn user without your permission. © 2012, LinkedIn Corporation.

The malware is on 199.115.229.55/showthread.php?t=977334ca118fcb8c (report here) hosted by Volumedrive in the US, which subsequently tries to download further malware from electrosa.com/8zvW2XE.exe (a site that has been used a lot in recent days). That domain and IP are worth blocking.

Leave a reply


Categories

FRIDAY, DECEMBER 13, 2019
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments