SEARCH RESULTS
 
Showing 1-10 of 19 records
 
Expand article

SQL Injecting Malicious Doorways to Serve Malware

The Article has images
2008-07-21 01:45:57 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...doorways serving malware is becoming increasing common, as is the use of SQL injections in order for the malicious parties to ensure their campaigns will receive enough generic traffic to their redirectors. Excluding the use of the very same traffic management tools, web malware exploitation kits, templates for the rogue adult sites and the...
 
Tags: malware, malicious doorways, sites, rogue adult sites, malware gangs, campaigns load on-the-fly, campaigns, fake porn sites, sql
 
 
 
 
Expand article

Malicious Doorways Redirecting to Malware

The Article has images
2008-06-16 03:51:11 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...doorways a bit more time and resources consuming. In a single sentence - there's evidence blackhat SEO-ers are starting to exchange crawling manipulation know-how with malware authors In this example we have bestxvids.info (87.118.116.11) which is reditecting to all-in dex.com/in.cgi?5 (87.118.116.11) a URL that's been actively spammed...
 
Tags: malicious, doorways, malicious doorways, malicious content, single sentence, single, single malicious domain, doorway, malicious doorway
 
 
 
 
Expand article

Summarizing June's Threatscape

The Article has images
2008-07-01 07:05:01 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...doorways next to ICANN and IANA's DNS hijacking, all speak for themselves and how diverse the threats and, of course, the abilities to maintain a decent situatiational awareness about what's going on have become 01. U.K's Crime Reduction Portal Hosting Phishing Pages - nothing new here since vulnerable sites are to be "remotely file...
 
Tags: site, fake youtube site, web site defacements, malware, malware hosts, web site defacer, sites, vulnerable sites, malicious
 
 
 
 
Expand article

Summarizing July's Threatscape

The Article has images
2008-08-01 16:08:24 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...doorways to ensure that the domains get rotated on the fly. Despite that they all look the same, they all sever different type of malware, and zero porn of celebrity content at all except the thumbnails 12. Violating OPSEC for Increasing the Probability of Malware Infection No better way to expose your affiliations and several unknown bad...
 
Tags: malware, profitable malware operations, malware authors, malware tools, malware coder, malware kit, malware infection, neosploit malware kit, spam
 
 
 
 
Expand article

Fake Porn Sites Serving Malware

The Article has images
2008-06-25 12:16:20 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...doorways redirecting to fake porn sites, consisting of over twenty different domains serving the usual Zlob malware variants, we have a decent abuse of a template for a porn site The easy of management of such domain farms and the availability of templates for high trafficked topic segments such as celebrities and pornography, continue...
 
Tags: net, fake porn sites, malware, about-adult, scan-porn, zlob malware variant, name-adult, useporn, porn-the
 
 
 
 
Expand article

Blackhat SEO Redirects to Malware and Rogue Software

The Article has images
2008-06-05 07:59:47 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...doorways. Moreover, rogue codec sites are increasing because the templates for the p0rn and codec sites are turning into a commodity, just like phishing pages and DIY phishing page generators lowering down the entry barriers into these practices Let's assess a sample redirection doorway, a visualization and sample traffic of which you can...
 
Tags: sites, profile sites, multimedia sites, codec sites, zlob variants, zlob, zlob malware variants, rogue codec sites, domains
 
 
 
 
Expand article

Underground Multitasking in Action

The Article has images
2008-06-23 09:20:41 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...doorways analytics-google .info /q/urchin.js 209.205.196.16/freehost22/paula2/index.php?id=0271 209.205.196.16/freehost22/paula2/exxe.php?id=0271 crklab .us/index.php my-page-de .info/in.cgi?2&1400397 tapki .cn/1.html?92465 dificalgot .net/s/in.cgi?2?1121268b0d022308 my-page-de .info?default.cgi magichotgaming .net allextra...
 
Tags: malicious, malicious domains, party, malicious party, php, multiple javascript obfuscations, javascript obfuscations, malicious activities, casino adware
 
 
 
 
Expand article

The Malicious ISPs You Rarely See in Any Report

The Article has images
2008-06-30 09:31:08 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...doorways continue supplying good samples of malicious activity, we will inevitable start witnessing more evasive practices applied in the very short term Related posts The New Media Malware Gang - Part Three The New Media Malware Gang - Part Two The New Media Malware Gang HACKED BY THE RBN Rogue RBN Software Pushed Through Blackhat SEO RBN's...
 
Tags: malicious, malicious isps, isps, report, malicious doorways continue, infrastructure, malicious infrastructure, malicious domain, malware command
 
 
 
 
Expand article

Fake Porn Sites Serving Malware - Part Two

The Article has images
2008-07-08 03:24:00 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...Doorways Redirecting to Malware A Portfolio of Fake Video Codecs
 
Tags: net, malware, porn-party, porn-contact, fake porn sites, porn-play, porn-plus, porndrive, pornhelp