解析者: Maydalene Edsel Salvador

This spam run targets customers of Automatic Data Processing, Inc (ADP). The spammers use an email notification template from ADP to make it appear legitimate. It lures users into clicking a malicious link. When a user clicks on the link, the user is redirected to a site hosting a malicious JavaScript. While the victim waits for the website to load, the script is already pointing them to a blackhole exploit kit server, where an exploit code starts to execute. A .JAR file is executed, downloading other malicious files into the victim's machine.

Trend Micro™ Smart Protection Network™ protects users from this threat by blocking the spam mail samples, as well as any related malicious URLs and files.

 スパムブロック日時 : 2012年9月9日 23:15:00 GMT-8
 TMASE
  • TMASEエンジン:6.8
  • TMASEパターンバージョン:9174