This fake LinkedIn spam leads to malware on
184.154.220.226:
Date: Fri, 4 May 2012 -04:52:32 -0800
From: LinkedIn Password [password@linkedin.com]
Subject: Reset Your LinkedIn Password
LinkedIn
Hi hippy,
Can’t remember your LinkedIn password? No problem - it happens.
Please use this link to reset your password within the next 1 day:
Click here
Then sign in to LinkedIn with your new password and the email address where you received this message.
Thanks for using LinkedIn!
The malware is hosted on
184.154.220.226/showthread.php?t=34c79594e8b8ac0f (Singlehop, US) which is a very heavily obfuscated exploit page with a not very impressive
VirusTotal detection rate of 2/42. Blocking the IP is a good proactive step to stop this from being a problem.
No comments:
Post a Comment