Fake MySpace Email Leads to Blackhole Exploit Kit

 Analysis by: Maydalene Edsel Salvador

The spammers copied the legitimate MySpace mail to give credence to the message. It contains a link, which when clicked, redirects to a site hosting a malicious JavaScript. While the said site loads, the script points to a Blackhole Exploit Kit Server, which contains the exploit code that executes the final payload. A .JAR file is then executed that downloads other malware into the victims' systems.

Users are strongly advised to be cautious in opening email messages that offer bogus promos, prizes, and discounts. To be safe, users should always refer to the official website of the organization for any promos, discounts and other offers. Trend Micro™ Smart Protection Network™ protects users from this threat by blocking the spam mail samples, as well as any related malicious URLs and malware.

 SPAM BLOCKING DATE / TIME: August 03, 2012 GMT-8
  • ENGINE:6.8
  • PATTERN:9082