Sponsored by..

Wednesday 17 October 2012

LinkedIn spam /

This fake LinkedIn spam leads to malware on

From: LinkedIn.Invitations [mailto:8B44145D0@bhuna.net]
Sent: 17 October 2012 10:06
Subject: New invitation is waiting for your response

Hi [redacted],

User sent you an invitation to connect 6 days ago. How would you like to respond?

Accept    Ignore Privately

Alexis Padilla

C.H. Robinson Worldwide (Sales Director)

You are receiving Invitation emails. Unsubscribe.

This email was intended for [redacted].
Learn why we included this.
2012, LinkedIn Corporation. 2029 Stierlin Ct. Mountain View, CA 94043, USA
The malicious payload is at [donotclick] allocated to Data 102 in the US and then suballocated to:

network:Network-Name:Buzy Bee Hosting /27
network:IP-Network-Block: -
network:Org-Name:Buzy Bee Hosting
network:Street-Address:1451 North Challenger Dr
network:City:Pueblo West

Blocking the IP (and possibly the /27 block) is probably wise.

No comments: