Monday, May 16, 2022

LinkedIn spam Emails Spread Cridex Trojan

A new spam campaign is surfacing again “Join my network on LinkedIn” bogus emails that have been making the rounds since 2010.

According to researchers from GFI Labs, this particular campaign has been going strong over the past days, attempting to trick recipients into clicking on links that point to BlackHole exploit kit sites.

These malevolent websites are configured to push the information-stealing Cridex Trojan onto the computers of unsuspecting users.

The clever thing about this scam emails is this question: “Why might connecting with user be a good idea?”

Cridex is a popular trojan, and in the past has targeted many financial insitutions, you can view m86Securities analysis of the malware here.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

New FastPOS malware targeting Point-of-Sale systems

Experts have disclosed a new category of malware, labeled “FastPOS,” that has the ability to quickly …