Comments on: Spamvertised American Airlines themed emails lead to Black Hole exploit kit http://blog.webroot.com/2012/07/13/spamvertised-american-airlines-themed-emails-lead-to-black-hole-exploit-kit/ WEBROOT - INSIGHTS INTO THREATS AND TRENDS FROM OUR INTERNET SECURITY EXPERTS Fri, 17 May 2013 20:44:03 +0000 hourly 1 http://wordpress.com/ By: ‘Your Kindle e-book Amazon receipt’ themed emails lead to Black Hole Exploit Kit « Webroot Threat Blog – Internet Security Threat Updates from Around the World http://blog.webroot.com/2012/07/13/spamvertised-american-airlines-themed-emails-lead-to-black-hole-exploit-kit/#comment-114839 Tue, 05 Feb 2013 07:01:29 +0000 http://blog.webroot.com/?p=7335#comment-114839 [...] Spamvertised American Airlines themed emails lead to Black Hole exploit kit [...]

]]> By: Bogus IRS ‘Your tax return appeal is declined’ themed emails lead to malware « Webroot Threat Blog – Internet Security Threat Updates from Around the World http://blog.webroot.com/2012/07/13/spamvertised-american-airlines-themed-emails-lead-to-black-hole-exploit-kit/#comment-86325 Mon, 19 Nov 2012 07:01:33 +0000 http://blog.webroot.com/?p=7335#comment-86325 [...] Your Transaction is Aborted’ themed emails serve client-side exploits and malware“; “Spamvertised American Airlines themed emails lead to Black Hole exploit kit” malicious campaigns, indicating that these have all been launched by the same [...]

]]> By: ‘American Express Alert: Your Transaction is Aborted’ themed emails serve client-side exploits and malware « Webroot Threat Blog – Internet Security Threat Updates from Around the World http://blog.webroot.com/2012/07/13/spamvertised-american-airlines-themed-emails-lead-to-black-hole-exploit-kit/#comment-84384 Mon, 12 Nov 2012 07:02:42 +0000 http://blog.webroot.com/?p=7335#comment-84384 [...] The last time we came across this IP (210.56.23.100), was in July 2012′s analysis of yet another malicious campaign, this time impersonating American Airlines. [...]

]]> By: Cybercriminals spamvertise bogus greeting cards, serve exploits and malware « Webroot Threat Blog http://blog.webroot.com/2012/07/13/spamvertised-american-airlines-themed-emails-lead-to-black-hole-exploit-kit/#comment-68525 Tue, 21 Aug 2012 21:29:07 +0000 http://blog.webroot.com/?p=7335#comment-68525 [...] The second sample phones back to 87.204.199.100:8080/mx5/B/in/ not surprisingly, we’ve already seen this command and control server used in numerous profiled campaigns, such as, for instance, the AT&T Billing Center impersonation one, the Craigslist spam campaign, the PayPal spam campaign, the eBay spam campaign, and the American Airlines themed spam campaign. [...]

]]> By: Cybercriminals impersonate AT&T’s Billing Service, serve exploits and malware « Webroot Threat Blog http://blog.webroot.com/2012/07/13/spamvertised-american-airlines-themed-emails-lead-to-black-hole-exploit-kit/#comment-66544 Fri, 10 Aug 2012 17:31:16 +0000 http://blog.webroot.com/?p=7335#comment-66544 [...] Once executed, the sample phones back to hxxp://87.204.199.100:8080/mx5/B/in/. We’ve already seen the same command and control served used in several malware-serving campaigns, namely, the Craigslist spam campaign, the PayPal spam campaign, the eBay spam campaign, and the American Airlines themed spam campaign. [...]

]]> By: Spamvertised ‘PayPal has sent you a bank transfer’ themed emails lead to Black Hole exploit kit « Webroot Threat Blog http://blog.webroot.com/2012/07/13/spamvertised-american-airlines-themed-emails-lead-to-black-hole-exploit-kit/#comment-64974 Thu, 02 Aug 2012 17:33:28 +0000 http://blog.webroot.com/?p=7335#comment-64974 [...] execution the sample phones back to a well known command and control server - 87.204.199.100/mx5/B/in/ which we’ve already seen in several previously profiled [...]

]]>