Blackhole Exploit Kit Campaign Takes Interest in Pinterest

 Analysis by: Mark Christian Aquino

Pinterest has been actively used in various spam campaigns in the past, from basic phishing to complicated spam techniques incorporating salad words and invisible ink. Blackhole Exploit Kit (BHEK) spam campaigns have also been known to us for quite some time, and they are known to use popular brand names and websites to lure users.

It is therefore not surprising that we are now seeing a BHEK spam campaign using Pinterest as a lure. The spammed message looks like a legitimate email from Pinterest containing a message about a recent password change. Users are then asked to click on the link in the message. When users click on the link, they are directed to a site that serves up BHEK. Once the affected computer is connected to the site, the site can run a number of malware routines on it, such as downloading files.

While there is nothing new in this routine, users are still advised to always perform account-related changes directly on the websites they subscribe to, not through links in email messages. Trend Micro™ Smart Protection Network™ protects users from this threat by blocking the spammed message, blocking access to malicious sites, and removing malware.

 SPAM BLOCKING DATE / TIME: June 29, 2013 GMT-8
 TMASE INFO
  • ENGINE:7.0
  • PATTERN:9884