Security researchers have discovered a new spam campaign using the Pinterest brand to
spread malware via a Blackhole Exploit Kit.
The messages looks like legitimate emails from Pinterest, informing users their passwords have been reset and urging them to click on the included link to see their new ones. This may fool some users into thinking it’s legit as most know companies will always direct users to their websites rather than ask or show personal details in emails. However anyone who clicks on the link is sent through a dizzying series of website redirects which ends with the download of TROJ_PIDIEF.USR, a trojan horse that calls to a remote server and downloads another piece of malware called BKDR_KRIDEX.KA.
A member of the Cridex family, it allows a hacker to remotely access an infected PC and take total control over it. This allows them to steal personal info and sensitive documents, use the PC’s internet connection and email accounts to pump out spam and call to a remote server to download more malware, block any anti-virus programs, and more. Cridex in particular monitors the computer for visits to online banking sites and steals the log on credentials typed in. This data is then used by the hacker to clean out the account, go on a spending spree, or sell on the black market to other hackers.
It’s imperative your employees are continuously educated on how to spot and protect themselves from phishing attacks and malicious spam. Both can seriously compromise your network and the data it holds, costing you your customer’s trust and possibly a great deal of time and money.