Malware Watch: Adobe zero day attack, malicious FIFA-themed spam, exploit serving Virus Alerts
Researchers from WebSense are reporting on three currently active malware campaigns, attempting to trick end users into opening malicious HTML files, or automatically exploiting vulnerable PCs relying on the recent Adobe zero day flaw (CVE-2010-1297).
The first campaign is using a FIFA World Cup scandal theme, whereas the second is relying on the well known (see Fake ConfickerInfection Alerts) "Virus Infection" alert theme. The Adobe zero day flaw exploitation is taking place through a mass SQL injection attack currently affecting thousands of pages.
The attack is closely related to the hxxp://ww.robint.us/[REMOVED].js attack earlier this week that our friends at Sucuri blogged about, where the common theme was that all Web sites were running on Microsoft IIS and used ASP.NET. In fact, the majority of sites compromised by the new mass injection attack still have the robint.us code present.
More details on the FIFA/Virus Alerts themed campaigns: