CyberCriminals has started to sending spam mails which pretends to be from Microsoft regarding the Important Changes to Microsoft Services Agreement and Communication Preferences.
The spam leads to a BlackHole Exploit compromised page which includes the latest version of Java Exploit(CVE-2012-4681).
If your software is not up to date, then the page will exploit the vulnerability in your software and drops the Zeus variant.
According to ISC, the mail includes a hyperlink to the likes of allseasons****.us, radiothat****.com, and likely a plethora of others.The radiothat****.com was redirected to 209.x.y.14 which is running the latest version of BlackHole exploit kit.
At the time of writing, the malicious java exploit has been detected by 8/42 in the virus Total and zeus variant detected by 6/42.
