-
Recent Posts
Recent Comments
Archives
Categories
Meta
Tag Archives: hackers
toobarcom, mybar, adsnet infections
Over the past week or so, we’ve been fighting a new website infection. At first, it appeared to be infecting just one hosting provider, but as we investigated further, we found it was affecting websites on many hosting providers. I’m … Continue reading
Posted in Uncategorized
Tagged adsnet.biz, backdoor, edisonsnightclub.com, freead.name, ftp credentials, gaindirectory.org, hackers, hosting providers, ideacoreportal.com, infected website, karenegren.com, malicious code, malscript, myads.name, mybar.us, obfuscated, this.b=this.M, toolbarcom.org, var st, website infection
Leave a comment
Attack of mailcheck.php and chat.pl
This attack isn’t anything new, it was used on a number of Italian sites in March 2010, but we’ve been seeing more of it infecting websites recently so I thought I’d elaborate. Quite often when scanning or cleaning infected websites, … Continue reading
Posted in Uncategorized
Tagged base64_decode, chat.pl, hackers, infected website, mailcheck.php, ob_start, security_update
Leave a comment
Hackers now "touch" all files
This is going to be a short post. While working on cleaning a number of websites this past week, I’ve noticed something very different. One of the steps we take when cleaning a website is to record the last modified … Continue reading
The new Attack – d0lphin.biz
We recently came across a number of websites that have been injected with malscript iframes that load malware from d0lphin.biz. Following is our report on this attack. Cybercriminals appear to be using their network of infected PCs to modify … Continue reading
Another Round of Beladen? Or, The New "Go" Infection
On Wednesday July 22, 2009 we started seeing what looks to be a new round of beladen style website infections by cybercriminals. The reason we think they’re beladen style is that they appear to infect all the websites on shared … Continue reading
Posted in Uncategorized
Tagged anti-virus, beladen, cybercriminal, daobrains.info, deobfuscate, evading detection, globalsecurityscans.com, goscansome.com, goscansoon.com, goslimscan.com, gumblar, hacker, hackers, hosting provider, ina6co.com, infected webpage, infected website, infectious website, legitimate website, malicious code, malscript, malware, martuz, obfuscate, oigmlob, safetyshareonline.com, social engineering, sql injection, this site may harm your computer, trojan, undetectable, ventsol.info
14 Comments
The Blame Game
Major Malware Outbreaks Evade Anti-Virus Protection A report released on July 14, 2009 states that “Several successive and massive malware outbreaks caused a spike in malware that was undetected by major AV engines.” In Commtouch’s Q2 Report available here , which … Continue reading
Posted in Uncategorized
Tagged adobe vulnerability, anti-virus, badwarebusters, cybercriminal, evading detection, ftp, gumblar, gumblar.cn, hacker, hackers, hosting provider, iframe, infected webpage, infectious website, infectious websites, malscript, malware, martuz, martuz.cn, SERP, this site may harm your computer, undetectable, website hacked
9 Comments
The Errors of Error Pages
Over the past few months, the number of sites infected with malscripts has increased dramatically. Many of these injection infections are difficult to track. Unbeknownst to many site operators, “error pages” can actually complicate the detection process. This blog posting … Continue reading
The Internet Explosion
According to research, there are approximately 162 million websites on the Internet as of April 2008. To put this into perspective, in 1996 there were only 100,000. Talk about a meteoric rise. The cause of this growth has many roots. … Continue reading
Don't Open That File!
Yes, just when you thought it was safe to open Adobe Acrobat files (with a .pdf extension), it’s not. Everyone who reads this should update their Adobe Acrobat Reader here: http://www.adobe.com/support/security/bulletins/apsb09-04.html Hackers (or as some prefer – cybercriminals), have found … Continue reading
Paul McCartney's Web Site Hacked – "Back in the USSR"
Yes it’s true. The rock n roll icon Paul McCartney had his website hacked. (This attack isn’t necessarily originating in Russia, but I couldn’t refuse the obvious opportunity.) It’s amazing how certain hackings follow the news. It was just a … Continue reading