解析者: Jude Israel Bordallo

Blackhole exploit kit makers are now riding on adult-related spammed messages to spread itself. The spammed message is in text format and asks the reader to access photos via a link. Once clicked, it redirects to a site hosting a malicious JavaScript. While users patiently wait for the website to load, the script is already pointing them to a blackhole exploit kit server, where an exploit code starts to execute. A .JAR file is executed, downloading other malicious files onto the victim's machine. The redirect page is found below:

Trend Micro™ Smart Protection Network™ protects users from this threat by blocking the spam mail samples, as well as any related malicious URLs and malware.

 スパムブロック日時 : 2012年10月26日 22:00:00 GMT-8
 TMASE
  • TMASEエンジン:7.0
  • TMASEパターンバージョン:9312