SecurityRatty: tag: doorway

Malicious Doorways Redirecting to Malware

2008-06-16 03:51:11 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...doorway , that is redirecting to ten different malware sites serving Zlob variants by delivering fake codecs that all the bogus adult sites require. The doorway is misconfigured in the sense of not recording the IP and checking the cookie set, in comparrision to every average web malware exploitation kit out there, which will not serve...

Tags: malicious, doorways, malicious doorways, malicious content, single sentence, single, single malicious domain, doorway, malicious doorway

Summarizing June's Threatscape

2008-07-01 07:05:01 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...doorways next to ICANN and IANA's DNS hijacking, all speak for themselves and how diverse the threats and, of course, the abilities to maintain a decent situatiational awareness about what's going on have become 01. U.K's Crime Reduction Portal Hosting Phishing Pages - nothing new here since vulnerable sites are to be "remotely file...

Tags: site, fake youtube site, web site defacements, malware, malware hosts, web site defacer, sites, vulnerable sites, malicious

ZDNet Asia and TorrentReactor IFRAME-ed

2008-03-04 09:15:20 by HASH0x8b3f7c8 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...doorway page. To defeat the simple client-side cloaking, issuing a query of the form url:link1 is sufficient. This allows us to fake a click through from a real search engine page So the malicious parties are implementing simple referrer techniques to verify that the end users coming to their IP, are the ones they expect to come from the...

Tags: iframe, zdnet asia, pages, pages redirect, iframe-ed pages, torrentreactor, iframe-ing tactic remains, seo practices, torrentreactor seo practices

UNICEF Too IFRAME Injected and SEO Poisoned

2008-04-01 07:42:20 by HASH0x8b227b4 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...doorway to pharmaceutical spam and scams, that one of the most prolific domains within the IFRAMES ( highjar.info ) is already returning " Bandwidth Limit Exceeded. The server is temporarily unable to service your request due to the site owner reaching his/her bandwidth limit. Please try again later " messages This is the perfect moment to...

Tags: seo, unicef, easy seo, site, site owner, iframe, unicef effect, massive seo, campaign

Fake Directory Listings Acquiring Traffic to Serve Malware

2008-04-30 03:17:00 by HASH0x8b233c0 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...doorway detection techniques for blackhat SEO-ers to take advantage of

Tags: fake directory, malicious, fake directory indexes, non-malicious download, live exploit urls, file, malicious magic, load image files, image files

Blackhat SEO Redirects to Malware and Rogue Software

2008-06-05 07:59:47 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...doorways. Moreover, rogue codec sites are increasing because the templates for the p0rn and codec sites are turning into a commodity, just like phishing pages and DIY phishing page generators lowering down the entry barriers into these practices Let's assess a sample redirection doorway, a visualization and sample traffic of which you can...

Tags: sites, profile sites, multimedia sites, codec sites, zlob variants, zlob, zlob malware variants, rogue codec sites, domains

Fake Porn Sites Serving Malware

2008-06-25 12:16:20 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...doorways redirecting to fake porn sites, consisting of over twenty different domains serving the usual Zlob malware variants, we have a decent abuse of a template for a porn site The easy of management of such domain farms and the availability of templates for high trafficked topic segments such as celebrities and pornography, continue...

Tags: net, fake porn sites, malware, about-adult, scan-porn, zlob malware variant, name-adult, useporn, porn-the

SQL Injecting Malicious Doorways to Serve Malware

2008-07-21 01:45:57 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...doorways serving malware is becoming increasing common, as is the use of SQL injections in order for the malicious parties to ensure their campaigns will receive enough generic traffic to their redirectors. Excluding the use of the very same traffic management tools, web malware exploitation kits, templates for the rogue adult sites and the...

Tags: malware, malicious doorways, sites, rogue adult sites, malware gangs, campaigns load on-the-fly, campaigns, fake porn sites, sql

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo