By Luis Chapetti – Security Researcher
It’s no surprise that just days after the selection of the new Pope, spammers are capitalizing on the big news of the day. Barracuda real time protection systems have caught over 400,000+ emails pretending to be from CNN with subjects such as “New Pope, Vatican officials sued over alleged sexual abuse! – CNN.com*” and “Family sues new Pope. Exclusive! – CNN.com*”. They prey upon the curious and the outraged, inspiring them to click. The hacked domains these point to are delivering a black hole exploit kit. Once the kit determines usable exploits, the payload executes and sends the information back to its command and control center.