Date: Fri, 27 Apr 2012 16:19:17 +0800
From: “LinkedIn reminder” [[email protected]]
Subject: LInkedin pending messages
• From Scott Burwell (Colleague at Nortel)
• There are a total of 50 messages awaiting your response. Visit your InBox now.
Don’t want to receive email notifications? Adjust your message settings.
LinkedIn values your privacy. At no time has LinkedIn made your email address available to any other LinkedIn user without your permission. © 2010, LinkedIn Corporation.
The malicious payload is at 18.104.22.168/showthread.php?t=9d77a9163cda8dbe (report here), hosted by Linode in the US. It then attempts a further download from 22.214.171.124/rUPYeVt0.exe, which appears to be a legitimate server belonging to cheekyshare.com that has been hacked.