Search
Keyword: JS_EXPLOIT
We continuously witness the evolution of QAKBOT, a sophisticated data stealer malware, come up with old and new techniques to bypass email security filters. We dive deep on this in the article
by the recipient. Clicking the link to the supposed .DOC file brings the user to the following page: The said page hosts a malicious JavaScript that points to a blackhole exploit kit server. A .JAR
points to a series of redirections then finally to a page that serves blackhole exploit kit. Users are advised to remain vigilant and to verify first the accuracy of any email message received to avoid
A phishing campaign targeting customers of a news portal website is seen in the wild. The said campaign makes use of blackhole exploit kit designed to infect users with malicious files to steal
recipient. When the reader clicks on the link, the browser opens a page that hosts a malicious JavaScript. The script then redirects to a blackhole exploit kit server, where a .JAR file is executed. The said
However, it redirects to a site hosting a malicious JavaScript. The script then redirects the user to a blackhole exploit kit server, where a .JAR file is executed to download other malicious files. Trend
clicked, it redirects to a site hosting a malicious JavaScript: The script points the user to a blackhole exploit kit server hosting a .JAR file. The said file is executed, and downloads other malicious
Spammers are targeting customers of Keybank via a phishing campaign that leads to Blackhole exploit kit. This malware kit is designed to infect users with malicious files in order to steal
This spammed message says that the recipient was sent an e-card to be accessed on the link supplied. However, users are redirected to a Blackhole Exploit page, which can lead to the download of
engineers received samples of a Blackhole Exploit Kit spam campaign leveraging the event. The malicious spam itself is fairly simple, only sporting two lines of text, with the second one a link that
The BlackHole Exploit Kit (BHEK) spam run has already assumed various disguises for the past months. It has taken the form of very convincing but fake bank notice, cable provider email update, social
Carelessly opening attachments may cause your computer unwanted malware infection. As observed by Trend Micro researchers in 2013, Blackhole Exploit Kit-related threats are still in the wild even
Pinterest has actively been used in different spam campaigns in the past - from basic phishing to complicated spam techniques incorporating salad words and invisible ink. Blackhole Exploit Kit (BHEK)
Spammers hopped on the royal baby bus to spread spam with Blackhole Exploit Kit (BHEK) links. Trend Micro researchers observed an increase in the number of spammed messages that are purported to be
The movie Ender's Game , based on a novel of the same name, did not escape cybercriminals' sights. Trend Micro researchers spotted Blackhole Exploit Kit spam campaign using the movie's name. The
systems, and oil refineries, among others. However, based on analysis, DUQU does not have any capability to access SCADA systems. According to reports, DUQU was also found to exploit a zero-day vulnerability
? Equation leveraged vulnerabilities to penetrate its targeted network. For instance, it used two exploits related to Stuxnet such as Windows
Kernel EoP exploit (covered in MS09-025) and LNK
subject, unaware that the message contained a zero-day exploit for CVE-2011-0609. The exploit installed a backdoor we detect as TROJ_ADOBFP.SM , which allowed the attacker to gain deeper access to the
attack? Users may either receive spammed message or unknowingly download a specially crafted .PDF file from a malicious site. Cybercriminals could then exploit the CVE-2009-4324 vulnerability in their
clicked redirect to a site that loads a JavaScript (detected as JAVA_BLACOLE.RCC). When loaded, this JavaScript points to a site hosting Blackhole Exploit . Users are advised to be cautious when opening