PresseBox
Pressemitteilung BoxID: 333285 (Websense Deutschland GmbH)
  • Websense Deutschland GmbH
  • Feringastrasse 6
  • 85774 München Unterföhring
  • http://www.websense.com
  • Ansprechpartner
  • Rebecca Zarkos
  • +44 (118) 938-8607

Fake Apple App Store Malicious Spam

(PresseBox) (Köln, ) Websense Security Labs ThreatSeeker Network has discovered that Apple's App Store has become the latest target for email attacks and spam. App Store is the service provided by Apple Inc. as a platform to purchase and download applications for iPhone, iPod touch, and iPad. The attack comes in the form of a fake invoice email.

With Apple's App Store being one of the most popular shopping platforms for multimedia, this kind of App Store invoice email is familiar to users and tends to be received frequently. As demonstrated here, cybercriminals clearly jump at a chance to spread their spam using any available means. The content in this campaign resides on compromised Web sites and serves a combination of pharmaceutical spam along with exploits that are delivered in the background. Some of the messages serve only pharmaceutical spam and some combine spam with exploits. In the example below, clicking the link in the message redirects the user to a site with a single link labeled "visit". In the background, a known exploit pack called "Eleonore" is delivered to the user's machine. If the user clicks on the link, they are redirected to a "Canadian Pharmacy" Web site. In this particular attack instance the file dropped by the exploit pack has 29% detection rate: http://www.virustotal.com/analisis/5e99fa5527e737e38ecea80c5a9d40759003f739fe6649cb501496a884ad75ae-1269442230.

To view the details of this alert: http://securitylabs.websense.com/content/Alerts/3587.aspx?cmpid=slalert