Malicious Microsoft Services Agreement Emails Use the Recent Java Exploit

The exploit has been wreaking havoc for more than a week now

By on September 4th, 2012 11:50 GMT
Oracle may have patched the vulnerabilities that started to be exploited in the wild last week, to great effect unfortunately, in an emergency update to the Java runtime, but most people still haven't updated and attackers are having a field day.

The fact that the patch may not have actually fixed the issue completely only makes things worse.

The latest campaign to make use of the Java vulnerability is an email campaign purporting to be coming from Microsoft. The emails warn people about a change in Microsoft's Services Agreement and direct them towards infected pages.

Using the Java exploit, the attackers install a version of the Zeus trojan, which is designed to steal bank account information.

Since the Java exploit has been part of the Blackhole Exploit Kit for enough to time make a difference, it has more than doubled the success rate of the tool, according to researchers. The only sure way to protect yourself is to disable Java, for now.

Comments