X-Labs
October 6, 2011

Blackhole Exploit + Rogue AV capitalizes on Steve Jobs' passing

Forcepoint

Websense ThreatSeeker® Network has detected malicious email messages claiming that the late Apple founder and CEO, Steve Jobs, is still alive. Websense Email Security and Websense Web Security protect against these blended attacks with ACE, our Advanced Classification Engine.

Some of the email subjects used in this attack include:

  • Steve Jobs: Not Dead Yet!
  • Steve Jobs Alive!
  • Steve Jobs Not Dead

Screenshot 1: Sample Email Messages

The email messages contain links to compromised web sites that redirect to the Blackhole Exploit Kit and install Rogue AV malware. The malicious file used in this attack is poorly detected by AV engines.

 

Screenshot 2: Malicious Redirect

 

Screenshot 3: Obfuscated Exploit Code
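A mail-triage check for the lure described above, as an added example that is not part of the original post or any Websense product: it matches the listed subjects after decoding and normalizing them, then pulls the links out of a matching message so they can be reviewed or blocked. The names `normalize`, `LinkCollector` and `triage`, and both sample messages with their hosts, are constructed for illustration.

```python
import re
from email import message_from_string, policy
from html.parser import HTMLParser

# Subjects quoted in the post, reduced to lowercase words (punctuation dropped).
LURE_SUBJECTS = {"steve jobs not dead yet", "steve jobs alive", "steve jobs not dead"}

# Constructed sample messages (hypothetical hosts); the first subject is RFC 2047 encoded.
SAMPLE_LURE = (
    "Subject: =?utf-8?Q?Steve_Jobs=3A_Not_Dead_Yet=21?=\n"
    "Content-Type: text/html; charset=utf-8\n\n"
    '<p><a href="http://compromised.example/news.html">Read more</a></p>\n')
SAMPLE_BENIGN = "Subject: Steve Jobs biography release date\n\nSee http://example.test/books\n"

def normalize(subject):
    """Strip Re:/Fwd: prefixes, punctuation and case so variants compare equal."""
    s = re.sub(r"^\s*((re|fwd?)\s*:\s*)+", "", subject, flags=re.I)
    return " ".join(re.findall(r"[a-z0-9]+", s.lower()))

class LinkCollector(HTMLParser):
    """Collects href values from anchor tags in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links += [v for k, v in attrs if k == "href" and v]

def triage(raw_message):
    """Return (is_lure, links) for one raw message."""
    msg = message_from_string(raw_message, policy=policy.default)
    subject = str(msg["Subject"] or "")  # policy.default decodes encoded words
    if normalize(subject) not in LURE_SUBJECTS:
        return False, []
    links = []
    for part in msg.walk():
        ctype = part.get_content_type()
        if ctype == "text/html":
            collector = LinkCollector()
            collector.feed(part.get_content())
            links += collector.links
        elif ctype == "text/plain":
            links += re.findall(r"https?://[^\s<>\"']+", part.get_content())
    return True, links

if __name__ == "__main__":
    for raw in (SAMPLE_LURE, SAMPLE_BENIGN):
        print(triage(raw))
```

The post lists only some of the subjects used, so an exact-match set like this catches the known variants and nothing else; the extracted links are the more durable thing to act on.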

As always, don't click on links in emails you didn't expect to receive; they tend to be bad news.
