And of course, it's still more of the same stupid crap from these morons:
The new attack emerged late last week and is fronted by a fairly lame spam campaign that is sending millions of emails that appear to be holiday e-cards, one of the older and more threadbare techniques in this particular game. The messages all contain short messages similar to this:
"Tom has created a New Year ecard.
* Siberia Exploit Kit Offers Service to Evade Anti-Malware Software
* Some Pushdo Variants Resuming Spam Operations
* Exploit Kits Employing Obfuscation to Prevent Analysis
Get News by Email!
To view this page please click here: hxxp:maliciousurlgoeshere.com
According to an analysis of the attack by the researchers at the Shadowserver Foundation, victims who click on the link in the email are directed to one of a number of compromised domains, which then redirect the user to another page that displays a message asking the user to download a fake Flash player. This, of course, installs a piece of malware on the victim's machine.
And it's been Slashdotted:
http://it.slashdot.org/story/11/01/02/1 ... rs-Attacks
I'm certain all the usual suspects are keeping their eyes on this already.