Tag Archives: Amazon

Fake Amazon ‘Your Kindle E-Book Order’ themed emails circulating in the wild, lead to client-side exploits and malware

Posted on by

By Dancho Danchev

Kindle users, watch what you click on!

Cybercriminals are currently mass mailing tens of thousands of fake Amazon “You Kindle E-Book Order” themed emails in an attempt to trick Kindle users into clicking on the malicious links found in these messages. Once they do so, they’ll be automatically exposed to the client-side exploits served by the Black Hole Exploit Kit, ultimately joining the botnet operated by the cybercriminal/cybercriminals that launched the campaign.

More details:

Continue reading

‘Your Kindle e-book Amazon receipt’ themed emails lead to Black Hole Exploit Kit

Posted on by

By Dancho Danchev

Kindle owners, watch what you click on!

Cybercriminals are currently attempting to trick Kindle owners into thinking that they’ve received a receipt from an E-book purchase from Amazon.com. In reality, when users click on any of the links found in the malicious emails, they’re automatically exposed to the  client-side exploits served by the Black Hole Exploit Kit.

More details:

Continue reading

Cybercriminals spamvertise ‘Amazon Shipping Confirmation’ themed emails, serve client-side exploits and malware

Posted on by

By Dancho Danchev

Over the past week, cybercriminals have been spamvertising millions of emails impersonating Amazon.com in an attempt to trick customers into thinking that they’ve received a Shipping Confirmation for a Vizio XVT3D04, HD 40-Inch 720p 100 Hz Cinema 3D LED-LCD HDTV FullHD and Four Pairs of 3D Glasses.

Once users click on any of the links found in the malicious email, they’re automatically exposed to the client-side exploits served by the latest version of the Black Hole Exploit kit.

More details:

Continue reading

Spamvertised ‘Your Amazon.com order confirmation’ emails serving client-side exploits and malware

Posted on by

By Dancho Danchev

Everyone uses Amazon! At least that’s what the cybercriminals are hoping.  Cybercriminals are currently spamvertising millions of emails impersonating Amazon.com Inc. in an attempt to trick end and corporate users into clicking on the malicious links found in the emails.

More details:

Continue reading

Zappos.com hacked, 24 million users affected

Posted on by

by Dancho Danchev

According to an internal memo issued by Zappos, the shoe-and-apparel-selling division of Amazon has been breached by unknown cyber attackers, leading to the compromised accounts of over 24 million users.

The company has indicated that names, email addresses, mailing addresses, and the last four digits of customer’s credit card numbers have been compromised.

More info on the attack, including a copy of the internal memo:

Continue reading

Criminals Abuse Amazon Hosting with Rogues, Ransomware

Posted on by

By Andrew Brandt

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to Yahoo BuzzAdd to Newsvine

The criminals who push rogues at the world don’t really care about the reputations of the ISPs or Web hosting services they abuse. They leap from free service to free service until they’ve thoroughly worn out their welcome and, in some cases, destroyed the reputation of the service they abused. But they have behaved in one predictable way over the years: They’re stingy, and won’t pay for anything unless it’s absolutely necessary, despite the fact that they’re raking in cash by the boatload.

But that seemed to change this week when we saw a number of Web sites pop up on the radar. The sites employ the now well-worn scam of pretending to be some sort of video streaming service. In this case, they pretended to be a porn site, but the most surprising part was not what was hosted, but where: Amazon’s Cloudfront hosting service ended up, temporarily for a few hours, serving up malicious Web pages. Amazingly, it seems they actually paid for hosting instead of just stealing it.

Amazon shut the sites down quickly, but before they did, we visited one site called xrvid-porno.com. The page isn’t exactly family friendly, but the gist of the scam is that that page eventually redirected the browser to a server inside of Amazon’s cloud hosting service, and that’s where the trouble began.

Continue reading