SEARCH RESULTS
 
Showing 1-10 of 17 records
 

Holiday Storm Part 3

2007-12-26 23:43:00 by Russ McRee in HolisticInfoSec.org
 
...W32/StormWorm.R Avast - Win32:Zhelatin-ASX AVG - Dropper.Generic.TLF BitDefender - DeepScan:Generic.Malware.FMH@mmign.55A134E9 ClamAV - Trojan.Zhelatin DrWeb - Trojan.Spambot.2387 Fortinet - W32/Tibs.G@mm F-Prot - W32/StormWorm.R F-Secure - Email-Worm.Win32.Zhelatin.pl Ikarus - Virus.Win32.Zhelatin.ASX Kaspersky -...
 
 
 
 
 

Storm keeps coming (4th variant)

2007-12-27 10:43:00 by Russ McRee in HolisticInfoSec.org
 
...W32/Dropper.gen6 Avast - Win32:Zhelatin-ASX AVG - Dropper.Generic.TLX BitDefender - Trojan.Peed.IRG ClamAV - Trojan.Peed-66 DrWeb - Trojan.Spambot.2386 Fortinet - W32/Tibs.G@mm F-Prot - W32/Dropper.gen6 F-Secure - Email-Worm.Win32.Zhelatin.pr Kaspersky - Email-Worm.Win32.Zhelatin.pr NOD32v2 - Win32/Nuwar.BA Panda - Suspicious file Prevx1 -...
 
 
 
 
 

Massive IFRAME SEO Poisoning Attack Continuing

2008-03-27 21:12:29 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...W32/Malware!Gemini; W32/BHO.BVW File size: 107536 bytes MD5 : e50f2c9874a128d4c15e72d26c78352c SHA1 : 91f8a0e2531ea63ce22d0c7f90e7366a78ebeb8a Moreover gift-vip.net/images/index1.php (195.225.178.19) is still loading from the previous campaign, this time pointing to webmovies-b.com/movie/black/0/21/411/0/ (58.65.234.25), and of course,...
 
 
 
 
 

Fake Yahoo Greetings Malware Campaign Circulating

2008-04-16 15:21:03 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...W32/Malware!Gemini; W32/Agent.Q.gen!Eldorado File size: 44544 bytes MD5...: fe97eb8c0518005075fd638b33d5b165 SHA1..: d7a4258e37ce0dab0f7d770d1a9d979e921be07b SHA256: 138d31ae1bbdec215d980c7b57be6e624c2f2e1cacd3934b77f50be8adabfb97 Backdoor.Agent.AJU is a malicious backdoor trojan that is capable to run and open random TCP port in a multiple...
 
 
 
 
 

New Years Storm deja vu

2007-12-25 10:36:00 by Russ McRee in HolisticInfoSec.org
 
...W32/StormWorm.P BitDefender - Trojan.Peed.IRE CAT-QuickHeal - (Suspicious) - DNAScan DrWeb - Trojan.Packed.263 eSafe - Suspicious File eTrust-Vet - Win32/Sintun.AT F-Prot - W32/StormWorm.P F-Secure - Packed.Win32.Tibs.gu Kaspersky - Packed.Win32.Tibs.gu Microsoft - Trojan:Win32/Tibs.gen!ldr Prevx1 - Stormy:Worm-All Variants Symantec -...
 
 
 
 
 

Malware Attack Exploiting Flash Zero Day Vulnerability

2008-05-27 17:33:43 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...W32/Heuristic-159!Eldorado; Suspicious:W32/Malware!Gemini File size: 108172 bytes MD5...: a0383dd1571af5e2f104e1f7d6df7a67 SHA1..: be5b9b00ce9e378e545fa4f1e67160f20ba82ad2 Consider blocking flash by using Flashblock for instance, until the issue is taken care of Flashblock is an extension for the Mozilla, Firefox, and Netscape browsers that...
 
 
 
 
 

DIY Fake MSN Client Stealing Passwords

2008-01-17 10:06:24 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...W32/VB-Remote-TClient-based!Maximus In related news, MSN is said to be the most targeted IM client Within the IM category, 19 percent of threats were reported on the AOL Instant Messenger network, 45 percent on MSN Messenger, 20 percent on Yahoo! Instant Messenger and 15 percent on all other IM networks including Jabber-based IM private...
 
 
 
 
 

Anti-Malware Vendor's Site Serving Malware

2008-02-12 20:31:18 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...W32/Virut.j File size : 8704 bytes MD5 : 31f8a31adfdff5557876a57ff1624caa SHA1 : 7f36e192030f7cbd8b47bd2cb9a60e9a3fe384d2 Naturally, according to publicly obtainable data in a typical OSINT style, the domain used to respond to an IP within RBN's previous infrastructure. The big picture is even more ugly as you can see in the attached...
 
 
 
 
 

Throw away your digital picture frames

2008-02-19 03:36:49 by Steve Riley in Steve Riley on Security
 
...W32.Rajump, which deposits the same piece of malware that infected some of Apple's video iPods during manufacturing in October 2006. It gathers IP addresses and port numbers from infected PCs and ships them out, according to Symantec. One destination is registered to a service in China that allows people to conceal their own IP addresses Then...