Malware Help. Org | Blog

Antivir64, a new rogue antispyware is on the prowl, it seems to be installing from scanner.antivir64.com with an affiliate id 1050 (scanner.antivir64.com/?aff=xxxx). The victims are redirected -probably through .htaccess file hack- from certain pages of legitimate but hacked websites. A quick google search shows first reports of blog sites getting hacked to redirect visitors to entice them to install antivir64 a variant of antispyware2008. I came across this malware accidentally when I happened to visit a page in connectedinternet.co.uk earlier today. My Firefox 3 hung in Windows Vista and I was forced to terminate it in not so graceful manner.
Read the rest of this entry »

If you enjoyed this post, make sure you subscribe to my RSS feed!

"HACKERS turned computer security specialists have accused Google of setting users up for online disasters by letting them personalise their home pages with applications that could be tainted. Software that people can be tricked into installing on iGoogle homepages can track their activities and even be used to control their computer, SecTheory chief executive Robert Hansen said today.
Read the rest of this entry »

If you enjoyed this post, make sure you subscribe to my RSS feed!

"Hackers, impersonating members’ friends, attacked Facebook by convincing users on Facebook’s Wall to view a video link that they said was hosted by Google. The Wall is a place were members post messages for friends.
Read the rest of this entry »

If you enjoyed this post, make sure you subscribe to my RSS feed!

"One of the factors that make an ongoing malware attack so difficult to stop is the speed with which the assault can evolve. Over the past 12 days, an IFrame injection attack that originally focused on ZDNet Asia has been spreading across the ‘Net, changing targets and payloads on an almost daily basis. An iFrame (short for inline frame) is an element of HTML that’s used to embed HTML from another source into a webpage. The timeline of the attack is provided below, thanks in no small part to security consultant Dancho Danchev, who has kept a play-by-play account of the IFrame attack on his blog.
Read the rest of this entry »

If you enjoyed this post, make sure you subscribe to my RSS feed!

"Researchers at McAfee estimated that the attack has been active for roughly one week, and in that time frame has managed to place itself on roughly 200,000 web pages.
Read the rest of this entry »

If you enjoyed this post, make sure you subscribe to my RSS feed!

"The code inserted in some Web pages of the site was meant to redirect the visitor to a malicious server that would download malware capable of stealing passwords on an infected computer, Trend Micro spokesman Michael Sweeny said. The attempt, however, failed.
Read the rest of this entry »

If you enjoyed this post, make sure you subscribe to my RSS feed!

"The web pages have been modified to silently redirect visitors to sites laden with malware that attempt to break into the user’s PC. McAfee Avert Labs described the assault as "one of the largest attacks to date of this kind".
Read the rest of this entry »

If you enjoyed this post, make sure you subscribe to my RSS feed!

"Antivirus vendor Trend Micro Inc. confirmed Thursday that "some portions" of its site had been hacked earlier this week, but hedged when asked if those pages had been serving up attack code to unsuspecting visitors.
Read the rest of this entry »

If you enjoyed this post, make sure you subscribe to my RSS feed!

"An infamous hacking group called Cult of the Dead Cow (cDc) recently released a tool called Goolag Scanner, which simplifies and automates Google hacking.
Read the rest of this entry »

If you enjoyed this post, make sure you subscribe to my RSS feed!

"Two enterprising researchers claim to have figured out a way to eavesdrop on calls made using GSM mobile phones, cracking open its much-vaunted encryption.
Read the rest of this entry »

If you enjoyed this post, make sure you subscribe to my RSS feed!