Blackhole Exploit Kit Comes with UPATRE Trojan

 Analysis by: Emmanuel Nisperos

Carelessly opening attachments may cause your computer unwanted malware infection. As observed by Trend Micro researchers in 2013, Blackhole Exploit Kit-related threats are still in the wild even after the arrest of its creator.

One particular threat starts with an email supposedly containing a saved voicemail as an attachment. This attachment is an executable file that is detected by Trend Micro products as TROJ_UPATRE.SMB. The email itself contains links that are already inaccessible as of this writing. BHEK email have links that redirect to pages hosting malware. This example shows that to bypass redirection, BHEK perpetrators are attaching the malware to the email itself.

Anyone may be a victim of this threat. For your computer's protection, ensure that you have anti-malware and anti-spam solutions. Never open attachments in email messages unless these are expected from known senders.

 SPAM BLOCKING DATE / TIME: November 08, 2013 GMT-8
 TMASE INFO
  • ENGINE:
  • PATTERN:0276