Last week we reported that a Fake Microsoft Critical Update was one of the top sources of active computer exploitation being delivered in the emails we were watching in the UAB Spam Data Mine. That campaign took the weekend off and emerged Monday morning with a new feature that we shared with you yesterday. The same campaign has mutated yet again, but now is pretending to be a conspiracy email about Michael Jackson!
The new campaign uses email like this one:
which redirects visitors to more than 40 different websites which all look like this:
The list of websites we've seen so far in our spam include all of these:
Analysis of the malware performed by UAB Malware Analyst, Brian Tanner, a Computer Forensics student, reveals that just visiting the website is enough to infect your computer. Especially if the visitor doesn't have the current version of Adobe Acrobat Reader.
VirusTotal reveals that only 10 of 41 anti-virus products currently detect this malware. Here's a VirusTotal Report.