Posts Tagged: Protard


“OMG! Vuvuzela banned!” Tweets Infect Followers

by

Malware authors must have a soft spot in their hearts for the long-maligned South African vuvuzela, because once again, theĀ  most annoying noisemaker in World Cup history is driving people to Web sites which push infections down to their computers. This time, people are retweeting the malicious links attached to a message that reads “OMG! Vuvuzela banned!” along with the hashtags #worldcup and #vuvuzelabanned. At last check in Google, references to the malicious links number over 16,000. The tweets use a variety of different link shortening services (including bit.ly, tinyurl.com, is.gd, and dr.tl) to mask the fact that their destination […]

Continue Reading »

Botnet Trojan Adds “Gootkit” Code to Web Pages

by

An insidious new Trojan that finds its way onto Windows PCs in the course of a drive-by infection employs a novel method to propagate: It connects to Web servers using stolen FTP credentials, and if successful, modifies any HTML and PHP files with extra code. The code opens an iFrame pointing to a page that loads browser exploits. The exploit pushes down the infection, which then perpetuates the process. The initial infection vector in this case was a spam message supposedly from Amazon.com containing a link to the page which performs the drive-by attacks. The malware, which we’re calling Trojan-Backdoor-Protard, […]

Continue Reading »