Results 1 to 6 of 6

Thread: Driveby downloads delivered...

Threaded View

Previous Post Previous Post   Next Post Next Post
  1. 2010-03-24, 13:29 #1
    AplusWebMaster
    AplusWebMaster is offline
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Thumbs down Driveby downloads delivered...

    FYI...

    Driveby downloads delivered from ".sys" directories
    - http://isc.sans.org/diary.html?storyid=8482
    Last Updated: 2010-03-24 02:42:35 UTC - "... observed malware being delivered from the ".sys" directory of various web sites. The URL follows the scheme:
    http ://evilexample .com/.sys/?action=... link being delivered via Facebook which of course makes the message more plausible and it is likely that users install the software thinking it came from a "Friend"... In response to clicking on the link, the user is asked to install the software... a specific block for ".sys".. web filter caught about 60% of these exploits. Once a user follows the link, additional exe files are downloaded from ".sys" directories. The file names... observed are p.exe, go.exe and v2captcha21.exe."
    Comments: ... Mar 24 2010, 15:24
    "... a bit more digging did show the Koobface connection..."

    Last edited by AplusWebMaster; 2010-03-24 at 21:48.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules