Voice E-mail Spam Leads to Blackhole and Zbot Malware

Security researchers at TrendMicro reported a new spamming campaign that is spreading the Blackhole Exploit Kit. The emails are attaching a zipped file that contains a downloader to install Zbot and take control of victim machines.

Cyber criminal are combining the attack with a link that claims to be a voice message in the email that leads to a compromised website hosting a malicious Java script. According to TrendMicro it is rarely that they detect such a combined case where attacker are attaching a malware and submitting a malicious URL in the email.

BlackholeMalicious E-mail screenshot (click to enlarge)

BlackHole is one of the popular exploit kits that are available on black market and it allows criminals to use security vulnerabilities to install malicious software on the target system. Developers of the kit managed to exploit critical vulnerabilities in Java even before Oracle released a security patch for them.

If you receive a similar voice message don’t click on the HTML links and directly delete the email. Make sure to run a security software scan on any email you receive to be sure that they are safe from malicious content.

Share