Application security, Malware, Phishing, Threat Management, Vulnerability Management

LinkedIn spam run aims to foist Zeus on victim PCs

September 28, 2010

Users of LinkedIn are being targeted in a massive spam campaign designed to install the bank credential-stealing Zeus trojan on their machines. The emails, accounting for nearly a quarter of all spam at one point Monday, mimic LinkedIn invitations, according to Cisco. But when users click on the link contained in the message, they are delivered to a website that reads "PLEASE WAITING...4 SECONDS" and then are directed to Google. During that time, however, Zeus is installed on their machines if they are unpatched for certain browser vulnerabilities. This particular spam campaign and ensuing drive-by download attempts are notable because of the size and the apparent targets: business professionals with access to corporate bank accounts, Henry Stern, a Cisco senior security researcher, said in a blog post. — DK

An In-Depth Guide to Application Security

Get essential knowledge and practical strategies to fortify your applications.

Dan Kaplan

Related

Steps in different colors reading KEYFACTOR Tech Days.

Keyfactor Tech Days: Catching up to the future

Paul WagenseilMarch 6, 2025

The Keyfactor Tech Days conference in Miami Beach was an upbeat but somewhat sobering look at the near future of secure encryption.

botnet computer virus red background

Threat Intelligence

Expanded BadBox botnet partly disrupted

SC StaffMarch 6, 2025

A joint operation led to the sinkholing of over 500,000 infected devices.

(Adobe Stock)

Threat Intelligence

Microsoft reveals Silk Typhoon supply chain attack

Laura FrenchMarch 5, 2025

The China state-sponsored espionage group compromises IT and cloud companies to attack customers.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Related Terms

Backdoor Banner Browser Buffer Overflow Bug Client Common Gateway Interface (CGI)Cookie Darknet Dumpster Diving