Xerox Scanned Documents Conceal Blackhole

The sinister method through which online crooks dispatched e-mails posing as originating out of an office premises' scanner has yet again revived, attacking company employees' e-mail accounts, reported softpedia on January 19, 2012.

Bearing an appealing caption: "Re: Scan from a Xerox W. Pro #XXXXXXX," the scam electronic mail, unlike previously when it made users append one zipped file, currently encourages them for following one download web-link, warns Websense a widely familiar security company.

Reportedly, Websense's researchers state that the e-mail's payload contains an iFrame so the web-link diverts the user onto a sinister website, which harbors one Blackhole exploit toolkit. Immediately, as this iFrame gets installed, the exploit toolkit's content that includes one highly confused code too gets installed. And once that code is unlocked, the original one hunts for security flaw-infested software that it summarily exploits. This enables for running one shell code, which starts off the download as well as execution of malicious software.

Websense, in the scam, discovered over 3,000 e-mails, thus far; however, as the latest Blackhole variant represents one highly sophisticated toolkit allowing cyber-crooks for tweaking their software, there could be an even greater number of e-mails.

Normally, the Blackhole attack toolkit is used on hire, and the new variant is featured with many improvements like providing smart-phones with administration options as also allowing the toolkit to use illegitimate video/audio scanners for spreading malicious software.

Blackhole is presently widely prevalent and attackers utilize it commonly. The kit presents SaaS (software-as-a-service) solution to its users who merely require hiring the toolkit. The handling of its domain name registration, its website configuration as well as setup, however, is the job of the creator parties itself.

Security specialists suggest that IT departments require educating other employees in their organizations for ensuring they know the way for dealing with these as also more likewise threats.

They add that Internauts who find the mentioned kinds of e-mails, particularly in the form of company e-mails, should overlook them, but not forget to inform about them to their company's information technology section for letting it adopt suitable steps towards diffusing the assault.

» SPAMfighter News - 25-01-2012

All SPAMfighter products offer a free trial!

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.

Optimize your Slow PC for better performance. Try FREE scan now

Disk space recovery
and disk optimization. Try FULL-DISKfighter free

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software for your Windows PC - Free 30 days trial