-
Recent Posts
Recent Comments
Archives
Categories
Meta
Tag Archives: malicious code
toobarcom, mybar, adsnet infections
Over the past week or so, we’ve been fighting a new website infection. At first, it appeared to be infecting just one hosting provider, but as we investigated further, we found it was affecting websites on many hosting providers. I’m … Continue reading
Posted in Uncategorized
Tagged adsnet.biz, backdoor, edisonsnightclub.com, freead.name, ftp credentials, gaindirectory.org, hackers, hosting providers, ideacoreportal.com, infected website, karenegren.com, malicious code, malscript, myads.name, mybar.us, obfuscated, this.b=this.M, toolbarcom.org, var st, website infection
Leave a comment
The new Attack – d0lphin.biz
We recently came across a number of websites that have been injected with malscript iframes that load malware from d0lphin.biz. Following is our report on this attack. Cybercriminals appear to be using their network of infected PCs to modify … Continue reading
Another Round of Beladen? Or, The New "Go" Infection
On Wednesday July 22, 2009 we started seeing what looks to be a new round of beladen style website infections by cybercriminals. The reason we think they’re beladen style is that they appear to infect all the websites on shared … Continue reading
Posted in Uncategorized
Tagged anti-virus, beladen, cybercriminal, daobrains.info, deobfuscate, evading detection, globalsecurityscans.com, goscansome.com, goscansoon.com, goslimscan.com, gumblar, hacker, hackers, hosting provider, ina6co.com, infected webpage, infected website, infectious website, legitimate website, malicious code, malscript, malware, martuz, obfuscate, oigmlob, safetyshareonline.com, social engineering, sql injection, this site may harm your computer, trojan, undetectable, ventsol.info
14 Comments
A New Spin on martuz Website Infection
We were tasked with helping a website owner find all the malscripts on his site and remove them. He, like many, learned that his site was an infectious website delivering malicious code with an email from Google. This website owner … Continue reading
Paul McCartney's Web Site Hacked – "Back in the USSR"
Yes it’s true. The rock n roll icon Paul McCartney had his website hacked. (This attack isn’t necessarily originating in Russia, but I couldn’t refuse the obvious opportunity.) It’s amazing how certain hackings follow the news. It was just a … Continue reading
Social Networks & Social Engineering – Twitter Round 2
Continuing on from Round 1, I decided to take a step further and show you exactly how susceptible you are to a socially engineered infection through Twitter. Actually it’s more an attack through TinyURL.com, but since Twitter automatically converts URLs … Continue reading
Social Networks & Social Engineering – Twitter Round 1
My first review will be Twitter. I selected Twitter because it’s widely used and even easier for social engineering than some of the others. First a little background on Twitter. Many people categorize Twitter as a “micro” blog. This means … Continue reading
Posted in Social Networks
Tagged bit.ly, cyber attacks, cyber threats, cybercriminal, cybersecurity, evading detection, Facebook, get-shorty, hacker, hackers, infected webpage, infected website, infectious websites, malicious code, malware, snipurl, social engineering, tinyurl, Twitter
Leave a comment
Social Networks & Social Engineering – What a Pair
When we started this service we knew that one of our main goals was to “get the word out” on how websites have been in the line of fire for cybercriminals. We published a report, “How Cybercriminals Use Your Website … Continue reading
Posted in Social Networks
Tagged anti-virus, cyber attacks, cybercriminal, Facebook, fastpitch, Frank Kern, hacker, hackers, infected webpage, infected website, infectious websites, Jeff Walker, linkedin, malicious code, malware, myspace, security threats, social engineering, trojan, Twitter, Yanik Silver
Leave a comment
Website used by Federal Government Hacked!
It was discovered that GovTrip.com, a website used by federal government employees for booking travel reservations was hacked and serving up malicious code through redirects. The site is currently unavailable as they perform their forensic investigation and clean up the mess. According … Continue reading
Posted in Current Event Attacks
Tagged compromised website, cybercriminal, govtrip.com, malicious code, redirect code
2 Comments
Halloween Costumes and SEO
Not to be left out of the upcoming festivities, hackers are using SEO to infect more people with their fake Anti-virus programs. For the past week we’ve been monitoring 2 current events – Halloween and the financial crisis. What we’ve … Continue reading