|
Site Admin |
Posts |
49593 |
Word Cnt. |
2,756,445 |
BDay |
Apr 22 |
Sign |
Taurus |
Sex |
|
|
|
|
Joined: Sep 25, 2004
Local time: 1:17 AM
Location: Texas
|
|
|
|
|
|
Fake E-mail LinkedIn Requests Send Users to Zeus Trojan
If you've received any suspicious-looking e-mails from LinkedIn recently, you may have been targeted by the latest Trojan attack to hit inboxes.
The malicious e-mails, which targeted billions of Windows users yesterday, seemed like normal LinkedIn invitations from random contacts. And, like most LinkedIn invites, the messages asked users to click a link to confirm the request. Instead of sending recipients to the site, however, the link directed users to a different page, hosting a message that read, "Please waiting .... 4 seconds." Eventually, users were directed to the Google homepage, which, at first glance, would seem innocuous enough.
As it turns out, though, the initial webpage contained malicious JavaScript, hidden in an iFrame. The script could reportedly detect which browser an individual was using, and automatically identify vulnerabilities in his or her system. Upon discovering a vulnerability, the script would then bug the system with a Zeus Trojan, which can steal any data that a user enters into Web forms, including passwords and bank information.
|
|