Fake CNN News Notification Leads To Blackhole Exploit Kit Attack

 Analysis by: Aileen Estrada

Another Blackhole Exploit Kit spam campaign has been spotted to take advantage of the April 2013 Boston Marathon bombings. This particular spammed mail purports itself to be sent from US-based news agency CNN, with the body of the mail styled to resemble an urgent news notification coming from the said agency. The text of the spammed mail offers the reader a hyperlink that promises controversial details about the bombing. Should the reader go on to click the link, they will instead be redirected to a malicious page that hosts the exploit, and may find themselves compromised by it.

Cybercriminals are known to leverage tragedies and newsworthy events in their malicious activities, and it is a trend that will continue as time goes on. Users are reminded to anticipate such threats, and to quickly delete spammed mails such as these.
 SPAM BLOCKING DATE / TIME: April 17, 2013 GMT-8
 TMASE INFO
  • ENGINE:
  • PATTERN:9806