FYI...

US SEC SPAM leads to exploit and stealer
- http://www.gfi.com/blog/us-securitie...t-and-stealer/
March 2, 2012 - "... received an email** in his GMail inbox that purports to originate from the U.S. Securities and Exchange Commission (SEC)... Clicking the link leads users to ftp(dot)psimpresores(dot)com(dot)ar/QH1r1tTd/index(dot)html, which then -redirects- them to trucktumble(dot)com/search(dot)php?page=d44175c6da768b70... This page contains a Blackhole exploit kit that targets the following vulnerabilities:
CVE-2010-0188, an old Adobe Reader and Acrobat vulnerability (patch already available)
CVE-2010-1885, an old Microsoft Windows Help and Support vulnerability (patch already available)
Based on the deobfuscated script, this exploit can also target other vulnerabilities in Java, Adobe Flash, and Windows Media Player. Once vulnerabilities in this software were successfully exploited, users are then led to the website, trucktumble(dot)com/content/ap2(dot)php?f=e0c3a, where the file about.exe can be downloaded... about.exe was found to be a variant of ZBOT, that infamous information stealer, and we detect it as Win32.Malware!Drop. Only 12 AV vendors* detect the variant as of this writing..."
* https://www.virustotal.com/file/bc43...7c4a/analysis/
File name: about.vxe
Detection ratio: 12/43
Analysis date: 2012-03-02 05:19:43 UTC

** http://www.gfi.com/blog/wp-content/u...03/email01.png
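
For defenders reviewing proxy logs, the redirect chain quoted above (a search.php?page= landing URL followed by a content/ap2.php?f= payload request on the same host) can be searched for as a sequence. This is an added example, not code from GFI or from the original post; the log layout, the function names, the token lengths in the patterns and every sample line, including the long page= value, are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed proxy log lines: client IP, method, URL. Hosts are kept defanged
# as in the quoted report; the long page= value is a made-up placeholder.
SAMPLE_LOG = """\
10.0.0.5 GET http://ftp(dot)psimpresores(dot)com(dot)ar/QH1r1tTd/index(dot)html
10.0.0.5 GET http://trucktumble(dot)com/search(dot)php?page=0123456789abcdef
10.0.0.5 GET http://trucktumble(dot)com/content/ap2(dot)php?f=e0c3a
10.0.0.7 GET http://example(dot)org/search(dot)php?page=2
10.0.0.9 GET http://example(dot)net/content/ap2(dot)php?f=abc12
"""

# Assumed shapes, generalised from the two URLs in the report.
LANDING_ID = re.compile(r"[0-9a-f]{16,}")      # long hex token in search.php?page=
PAYLOAD_ID = re.compile(r"[0-9a-f]{4,8}")      # short hex token in ap2.php?f=
PAYLOAD_PATH = re.compile(r"/content/\w+\.php")

def stage(url):
    """Return (defanged host, 'landing' | 'payload' | None) for one URL."""
    parts = urlsplit(url.replace("(dot)", "."))  # undo defanging for parsing only
    query = parse_qs(parts.query)
    first = lambda key: query.get(key, [""])[0].lower()
    host = (parts.hostname or "").replace(".", "(dot)")
    if parts.path.endswith("/search.php") and LANDING_ID.fullmatch(first("page")):
        return host, "landing"
    if PAYLOAD_PATH.fullmatch(parts.path) and PAYLOAD_ID.fullmatch(first("f")):
        return host, "payload"
    return host, None

def find_chains(log_text):
    """Flag clients that hit a landing URL and later a payload URL on one host."""
    seen_landing, hits = set(), []
    for line in log_text.splitlines():
        fields = line.split(None, 2)
        if len(fields) != 3:
            continue  # skip malformed lines
        client, _method, url = fields
        host, kind = stage(url)
        if kind == "landing":
            seen_landing.add((client, host))
        elif kind == "payload" and (client, host) in seen_landing:
            hits.append((client, host))
    return hits

if __name__ == "__main__":
    for client, host in find_chains(SAMPLE_LOG):
        print(f"{client}: landing page then payload request on {host}")
```

Requiring both stages from the same client on the same host keeps a lone search.php or ap2.php request, such as the two constructed benign lines, from being flagged.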