
Zero Day

Ryan Naraine and Dancho Danchev

Popular brands impersonated in latest malware campaign

By | August 9, 2010, 11:59am PDT

Summary: Multiple vendors are reporting on an ongoing spam campaign that serves scareware and client-side exploits while impersonating Best Buy, Chase, Macy’s, Target.com and Evite.

Multiple vendors are reporting on an ongoing spam campaign that serves scareware and client-side exploits, brand-jacking Best Buy, Chase, Macy’s, Target.com and Evite.

The payments-themed campaign entices users into clicking on a malicious link, which attempts to exploit client-side vulnerabilities in Java, Acrobat Reader etc. in between loading a scareware-serving page (antivirus_24.exe) that tricks users into thinking they’re infected with malware.

Sample subjects include:

  • “Thank you for scheduling your online payment”
  • “Thank you for your payment”
  • “Thanks for planning your event with Evite”
  • “Your Target.com order has been shipped”
  • “Thank You, Your Anti-Virus Protection Plan has been renewed”

This campaign is directly related to last month’s “Malware Watch: Malicious Amazon themed emails in the wild” campaign, as well as to the Xerox WorkCentre Pro scanned document themed campaign, with both campaigns managed by the same cybercriminals.

Windows users are advised to keep their third-party applications and browser plugins up to date, use least-privilege accounts, securely handle active content, or completely isolate their Internet activities, in order to mitigate a huge percentage of the risk posed by such attacks.

Image courtesy of WebSense.


Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.
