Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

New attack uses dynamic .js code to foil detection

 
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Spyware/Adware in the News
View previous topic :: View next topic  
Author Message
Nightmaretony
Warrior


Joined: 15 Mar 2005
Last Visit: 30 Jun 2011
Posts: 256
Location: Meadowbrook

PostPosted: Tue Jan 15, 2008 9:35 am    Post subject: New attack uses dynamic .js code to foil detection Reply with quote

http://news.yahoo.com/s/nf/57768;_ylt=AkYAyNTH6HbLA062Unn6LV4DW7oF
_________________
For this is the place
where dreams
and nightmares
are birthed
and bred

Nightmare Park
Back to top
View user's profile Send private message Visit poster's website AIM Address
datababe
Warrior


Joined: 13 Dec 2004
Last Visit: 10 Oct 2012
Posts: 217
Location: Inside your head

PostPosted: Wed Jan 23, 2008 7:23 am    Post subject: Reply with quote

Still making the news:

http://arstechnica.com/news.ars/post/20080122-compromised-websites-serve-more-malware-than-malicious-ones.html

And illustrating an interesting (and kinda scary) trend:

Quote:
the number of legitimate web sites that have been hacked and are distributing or enabling various types of malware attacks is greater than the number of malicious sites created specifically for that purpose.


Just avoiding pr0n and cheesy download-these-dancing-donkeys type websites used to go a fair way to avoiding crudware (well, that and understanding you do NOT have mail waiting, you are NOT an instant winner, and NOBODOY LOVES YOU). Not anymore. I count Noscript as one of my all time favorite Firefox plugins.

The threads here and here

http://www.channelregister.co.uk/2008/01/16/mysterious_web_infection_continues/comments/

http://www.webhostingtalk.com/showthread.php?t=651748

remind me of the SETI project, only instead of harnessing the extra CPU cycles of hundreds of "volunteer computers", this call to arms is harnessing the extra brain cycles of hundreds of volunteer geeks. Good use of available resources, I'd say. Wink
_________________
- Datababe
Until you spread your wings, you'll have no idea how far you can walk.
http://redoakranch.x10hosting.com
http://datababe007.blogspot.com
Back to top
View user's profile Send private message Visit poster's website
mikey
Malware Expert


Joined: 12 Feb 2004
Last Visit: 14 Aug 2014
Posts: 1073
Location: CenTex

PostPosted: Fri Jan 25, 2008 12:50 pm    Post subject: Reply with quote

As related to the trends, Symantec paints a picture of the return of the drive-by condition; http://www.symantec.com/enterprise/security_response/weblog/2008/01/driveby_pharming_in_the_wild.html
_________________
-

UbuntuStudio...community supported multi-media development optimization.

-
Back to top
View user's profile Send private message Visit poster's website
Oldfrog
Site Admin


Joined: 08 Aug 2004
Last Visit: 09 Feb 2013
Posts: 1161
Location: Hewitt, TX

PostPosted: Fri Jan 25, 2008 1:25 pm    Post subject: Reply with quote

The astounding fact about the ITW attack described by Symantec is that the attack can only succeed if the broadband router still uses the default out-of-the-box administrative password. The router make wasn't specified but since the attack used an HTTP GET command I would imagine that the command is sent to an IP address. This would in turn require that the default LAN IP address was also being used. It shouldn't take a rocket scientist to figure that a password everyone knows isn't much security.
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Spyware/Adware in the News All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group