Blackhole Exploit Kit Spam Run on Western Union
August 28, 2012
A spam campaign using Western Union leads to a blackhole exploit kit server. The email notification contains a link to lure users into clicking a link that supposedly redirects the user to a supposed transaction made with Western Union. Once a user clicks on the link, it redirects to a site hosting a malicious JavaScript, which leads to a blackhole exploit kit server. The server has an exploit code starts to execute to deliver its final payload, which is a .JAR file that is executed. This .JAR file downloads other malicious files into the user's computer.
Trend Micro™ Smart Protection Network™ protects users from this threat by blocking the spam mail samples, as well as any related malicious URLs and malware.
SPAM BLOCKING DATE / TIME: August 28, 2012 GMT-8
TMASE INFO
- ENGINE:6.8
- PATTERN:9148