Subject: Signal LinkedIn MailThe malware is on 199.115.229.55/showthread.php?t=977334ca118fcb8c (report here) hosted by Volumedrive in the US, which subsequently tries to download further malware from electrosa.com/8zvW2XE.exe (a site that has been used a lot in recent days). That domain and IP are worth blocking.
REMINDERS
Invitation reminders:
• From Scott Burwell (Product Director at SNCF)
PENDING MESSAGES
• There are a total of 44 messages awaiting your response. Visit your InBox now.
Don't want to receive email notifications? Adjust your message settings.
LinkedIn values your privacy. At no time has LinkedIn made your email address available to any other LinkedIn user without your permission. © 2012, LinkedIn Corporation.
Thursday, 26 April 2012
LinkedIn spam / 199.115.229.55
This LinkedIn spam leads to malware on 199.115.229.55 after bouncing through a couple of legitimate hacked sites, a technique that we haven't seen for a couple of weeks.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment