Starbuck Posted August 3, 2010 Posted August 3, 2010 Rogue Google Mail invitations direct users to malicious websites. A new malware distribution campaign is abusing the default template of emails used to invite people to Gmail. The links in the rogue messages point to a website riddled with exploits. "We’re seeing quite the uptick in spoofed 'Your Friend has invited you to open a Google mail account' emails lately," security researchers from OnyMyEmail, a Michigan-based anti-spam solutions vendor, warn. The fake messages look almost identical to the real Gmail invitations put out by Google's system. The researchers believe that the names and addresses used in the Form field of the spam emails are copied from the address book of users who's computers have already been compromised. In addition, the messages are probably sent from the same infected machines, which are now part of a botnet. http://img.photobucket.com/albums/v708/starbuck50/new/Template-3.jpg All hyperlinks included in the rogue emails, like the ones for "Sign up" or "Learn more" lead to a malicious website. The landing page loads an Web exploit toolkit which targets vulnerabilities in outdated versions of popular software like Adobe Reader, Flash Player or Java. These kind of attacks are known as drive-by-downloads, because their purpose is to download and execute malicious files without the victim's permission. The whole process is completely transparent to users, which makes these malware infections very hard to detect without a capable antivirus program running on the computer. There seems to be an increasing trend of abusing email templates used by legit services, which suggests that the technique is successful; at least to extent that would compell other spammers to adopt it. In the past two months we've seen this method used to direct users to spam websites, Web exploits or pages employing social engineering tricks. Source: Malware Pushers Abuse Gmail Invitation Template - Rogue Google Mail invitations direct users to malicious websites - Softpedia Quote Member of:UNITE
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.