Blackhole Exploit Kit Spam Run Using LinkedIn

 Analysis by: Maydalene Edsel Salvador

This spam campaign purports to be an invitation reminder email supposedly from the LinkedIn professional networking site. The email contains a link that supposedly takes you to your LinkedIn account. However, it redirects to a site hosting a malicious JavaScript. The script then redirects the user to a blackhole exploit kit server, where a .JAR file is executed to download other malicious files.

Trend Micro™ Smart Protection Network™ protects users from this threat by blocking the spam mail samples, as well as any related malicious URLs and malware.

 SPAM BLOCKING DATE / TIME: September 11, 2012 GMT-8
  • ENGINE:6.8
  • PATTERN:9178