Fake AT&T wireless bill links to malware

Large outbreaks of phony AT&T wireless e-mails were distributed in the last 2 days, Commtouch said April 5.

The e-mails describe very large balances ($943), that are sure to get aggravated customers clicking on the included links.

Every link in the e-mail leads to a different compromised site with malware hidden inside.

The pattern is: legitimate domain / recurring set of random letters / index.html. The index.html file tries to exploit at least the following known vulnerabilities: Libtiff integer overflow in Adobe Reader and Acrobat — CVE-2010-0188; and Help Center URL Validation Vulnerability — CVE-2010-1885.

Source: http://www.net-security.org/malware_news.php?id=2057