Sponsored by..

Wednesday, 11 April 2012

LinkedIn Spam / baiparz.com

This fake LinkedIn message leads to malware:

Date:      Wed, 11 Apr 2012 15:09:48 -0300
From:      "Pasquale Nieves" [warthogv@linkedin.com]
Subject:      LinkedIn Nofitication service message


LinkedIn
REMINDERS

Invitation reminders:
? From Felix Byers (Your Colleague)


PENDING MESSAGES

? There are a total of 2 messages awaiting your response. Visit your InBox now.

Don't want to receive email notifications? Adjust your message settings.

LinkedIn values your privacy. At no time has LinkedIn made your email address available to any other LinkedIn user without your permission. � 2010, LinkedIn Corporation.

There's a malicious payload at baiparz.com/main.php?page=f93de12c807d28df (report here) which is hosted by Griffin Internet in the UK on 85.189.11.134 and also can be found on the familiar IP address of 41.64.21.71 which is an ADSL subscriber in Egypt.

No comments: