Popular webmail provider Yahoo has been slammed with a new e-mail-based attack that seizes control of victims’ accounts. Bitdefender Labs discovered the ongoing campaign today and are once again warning users about the dangers of clicking spammy links.
The account hijacking begins with a spam message with a short link to an apparently harmless session of the reliable news channel MSNBC (hxxp://www.msnbc.msn.com-im9.net[removed]).
A closer look at the real link reveals
that the true domain is not part of MSNBC, but a crafty domain composed
of subdomains at hxxp://com-im9.net.
The domain was registered in Ukraine on
Jan 27 and is hosted in a data center in Nicosia, Cyprus. This page
contains a piece of malicious JavaScript, disguised as the popular
Lightbox library that will perform the attack in stage 2.
Fuente: www.hotforsecurity.com/blog/
No hay comentarios:
Publicar un comentario