Sophisticated spam attack targeting UK users looking for jobs and extra income

Compromised devices are used to act as proxies forwarding a malicious base64-encoded PHP script to vulnerable web servers in a new spam campaign active since May.

The compromised web servers in turn send an email, with link to the scam sites, to specific email addresses. Although currently used for directing the email recipients to scam news and cryptocurrency sites, by using a PHP shell the attackers could exploit the web server even after patching.

Jason Davies

UK based technology professional, with an interest in computer security and telecoms.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: