The IPs on which the domain is hosted are known for serving ZeuS

Oct 19, 2013 08:25 GMT

Cybercriminals have registered a domain called dynamooblog.ru – most likely inspired by the well-known security blog Dynamoo’s Blog – which they’re using to host malware.

The attack starts with a fake Dropbox email that instructs recipients to update their expired password.

“We have a warning in our system that you recently tried to login in to Dropbox with a password that you haven't changed long time already. Your old password has expired and you'll need to create a new one to log in. Please visit the page to update your password,” the emails read.

The link doesn’t point to Dropbox.com, but to a malware landing page hosted on dynamooblog.ru. The malicious domain is hosted on many IP addresses that have been serving a variant of the data-stealing ZeuS malware.
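The mismatch described above can be checked mechanically by comparing each link's real host with dropbox.com instead of trusting the visible text. The following is an added example, not part of the original article; the sample email body, its URL paths and the rule that only dropbox.com and its subdomains are trusted are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption for this example: a genuine Dropbox password link
# resolves to dropbox.com or one of its subdomains, nothing else.
TRUSTED_DOMAIN = "dropbox.com"


class LinkCollector(HTMLParser):
    """Collects the href of every <a> tag in an HTML email body."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            href = dict(attrs).get("href")
            if href:
                self.hrefs.append(href)


def is_trusted(url, trusted=TRUSTED_DOMAIN):
    """True only if the URL's real host is the trusted domain or a subdomain."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    return host == trusted or host.endswith("." + trusted)


def suspicious_links(html_body):
    """Return links in a Dropbox-branded email that do not go to Dropbox."""
    parser = LinkCollector()
    parser.feed(html_body)
    return [h for h in parser.hrefs if not is_trusted(h)]


# Constructed sample body; the URL paths are made up for the example.
SAMPLE = """
<p>Your old password has expired. Please visit
<a href="http://dynamooblog.ru/constructed-path/">the page</a>
to update your password.</p>
<a href="https://www.dropbox.com/help">Help</a>
<a href="http://dropbox.com.dynamooblog.ru/login">Dropbox.com</a>
<a href="http://www.dropbox.com@dynamooblog.ru/">Sign in</a>
"""

if __name__ == "__main__":
    for link in suspicious_links(SAMPLE):
        print("link does not point to Dropbox:", link)
```

Comparing the parsed hostname, not searching the URL for the string "dropbox.com", is what lets the check flag the last two constructed links as well as the first.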

Currently, this version of the malware is detected by many antivirus products, so if you have one installed on your computer, you should be safe. On the other hand, the cybercriminals might start serving a new variant, so the best thing to do is to avoid clicking on links from suspicious emails.