Fake App Store spam leads to malware

Websense warns about a fake Apple App Store spam campaign that is doing the rounds of inboxes. The user receives an email such as this one:

If the recipient follows the link inside the message, it will take him to a compromised webpage containing just a single linked word: “Visit”. While he is wondering why the link didn’t take him to the App Store, an exploit pack by the name “Eleonore” is being downloaded onto his machine. If he follows the “Visit” link in the hope of getting to the App Store page, he will be taken to a “Canadian Pharmacy” website.

The exploit pack drops a fake AV Trojan, and users should be extra careful because this particular file has only a 29% detection rate according to VirusTotal.




Share this