An Example Email of Someone Trying to Exploit the Confusion Caused by the Recent Heartbleed SSL vulnerability

Written by James McDonald

April 30, 2014

Just saw this in my inbox. An email saying I need to change my Logmein.com SSL cert and a link to ‘new’ cert.

Screenshot of the email:

logmein_ssl

If you Download the ssl.zip and unzip it you get a “logmein_ssl_certificate.pif: PE32 executable (GUI) Intel 80386, for MS Windows”

Fortunately before you get to download the zip file you get a nice big warning page from the Cloudfare CDN saying it’s a fishing site. So you would have to be stupid (or in my case curious) to continue.

cloud_flare

 

 

 

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

You May Also Like…

How to Research a CPU Upgrade

How to Research a CPU Upgrade

Upgrade Time! Doing a lot of VMWare Workstation virtualization to create labs for self-study and training. Finding...