Secure Computing warns that email spam, indicating that the recipient has won a new iPhone, is directing users to a malware hosting website. They have discovered a website that is attempting to exploit over 10 ActiveX vulnerabilities, including the MSODataSourceControl vulnerability, in its efforts to install a malicious payload.
The website is tracking visitors and redirecting repeat visitors to a different, clean webpage in an effort to thwart security researchers. It is also using XOR encryption to obfuscate the attack.
The initial activity of the rootkit/spam bot malware is to incorporate the compromised PC into a spam sending botnet. Because the malware is rootkit-based, it would be a simple matter for the malicious hacker to update the malware at any time to include other nefarious tasks, such as key logging on the compromised PC to capture the user’s financial credentials for use in ID theft.