IE ZeroDay Lures Discovered
Attackers have begun spamming e-mail lures in an attempt to attract users to infected websites. These e-mail messages contain excerpts from actual BBC news stories and offer a link to "Read More". Users who follow this link are taken to a website that is a spoofed copy of the BBC news story from the e-mail.
This website exploits the unpatched createTextRange vulnerability and is currently being used to download and install a keylogger. This keylogger monitors activity on various financial websites and uploads captured information back to the attacker. WebsenseŽ - Security Labs Alert: IE Zero-Day Lures Discovered
Back to: PC Security, privacy news