Phishing-Botnet Attack is back to LinkedIn

It seems that an old/new phishing/botnet attack is back to LinkedIn.

In the last period LinkedIn users got messages from an phishing scam (attacker) which sent an e-mail messages on behalf of LinkedIn system and redirected users to the following domains that appears to be a compromised sites with a normally benign intent:

hxxp://ilcindia.org/wp-content/uploads/wps.php?c002

hxxp://www.rfszkki.sulinet.hu/wps.php?c002

hxxp://www.rezagroup.net/templates/beez/wps.php?c002

linkedin

The second location “kumapanda.com” is hosting BlackHole exploit kits and ZeroAccess malware. This domain is currently pointed to:

“ghettoradio.nl” – another site with the same exploits and malware.

and many others includes:

grhterceirizacoes.com.br

So just another reminder 🙂

Don’t click every message’s link you got from your social networks,

or at least don’t accept fake users to your contact list.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s