<p>The Darkleech campaign responsible for compromising thousands of websites has resurfaced, targeting Java and Adobe vulnerabilities to spread the Reveton ransomware.</p><p>Security firm FireEye reported being alerted to the latest wave of Darkleech attacks in a public blog post after its own web url was being targeted. "We were notified by several security researchers that a fireeye[.]com/careers HR link was inadvertently serving up a drive-by download exploit," read the post.</p><p>"It turns out, this attack was not targeted and it was not a watering hole attack. Instead, this campaign appears to be a recent wave of the Darkleech malware campaign, where third-party Horde/IMP Plesk Webmail servers were vulnerable to attack and used to serve up Java exploits that ultimately drop yet another ransomware named Reveton (similar to Urausy)."</p><p>Malware research engineer at FireEye Josh Gomez told V3 the attack is a development on the traditional Darkleech operation, and uses a multi-stage process to redirect users to malware-ridden websites.</p><p><a href="http://www.v3.co.uk/v3-uk/news/2295107/darkleech-campaign-targets-java-to-spread-reveton-ransomware">Keep reading...</a></p>