Malware uses self-hosted WordPress blogs to spread.
Published on August 11, 2012.
If you receive an email with the “Verify Your order” as a subject; then, you are being targeted with the new spam campaign discovered by SophosLabs.
The issue here is that the spam email contains a link that it is coming from a legitimate website that is hosting a WordPress blogs which was infected prior with the malware. Sophos Antivirus has detected the malware as Troj/PDFEx-FD, Troj/SWFExp-Al, Mal/ExpJS-N and Troj/Agent-XDM.
Unfortunately, the malware will infect the computer using the Blackhole exploit kit.