bill-swift - June 15, 2012
People use Craigslist for a lot of stuff. You can sell virtually anything, from books to cars to apartments and even houses. You can find someone to hook up with in the classifieds, or even get a job if you recently got fired.
Given the site's popularity, you can also expect a huge legion of scammers trolling the site, posting bogus ads and sending fake emails to try and lure unsuspecting victims into scams and malware-infected websites.
Researchers from Websense have reported that they have come across over 150,000 emails containing links to compromised sites that are hosting the Blackhole exploit kit. These kits take advantage of unpatched exploits to hack into computers and install malware.
The subjects of these emails are patterned after how Craigslist sends off confirmation emails after someone posts an ad. Some of the scam emails are headlined with the following subjects:
POST/EDIT/DELETE : "Models for fine" (systems / network)
POST/EDIT/DELETE : "Studio4PaintWorkCatskills" (education)
POST/EDIT/DELETE : "Show Your Art" (cars+trucks)
The messages copy Craigslist's confirmation emails as well, but the links in the message don't point back to Craigslist. Instead, they lead to Wordpress sites that hides an iFrame redirection code that leads them off to compromised sites that are serving the Blackhole exploits.
The kit tries to exploit Adobe Reader, Adobe Acrobat and Windows Help and Support Center vulnerabilities on the user's machine. When it does find one, the kit then proceeds to inject malware into the computer--and that's when the bulk of the trouble begins.
When you receive suspicious-looking emails or unexpected notifications, hit the spam button and delete the messages from your inbox. It's better to be safe than sorry, especially in cases like these. Make sure you've got an anti-virus program installed on your computer and keep it updated to stay protected.
Please log in again. The login page will open in a new tab. After logging in you can close it and return to this page.