SEARCH RESULTS
 
Showing 1-10 of 16 records
 
MDAC ActiveX Code Execution Exploit Still in the Wild

2007-12-05 12:08:56 by HASH0x89e6630 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...MDAC in this case, the chances for success are much lower compared to diversification of the "exploits set", a daily reality these days thanks to the emerging malicious economies of scale mentality in the form of web exploitation kits such as MPack , IcePack , WebAttacker , the Nuclear Malware Kit and Zunker as the most popular ones Here's a...
 
 
 
 
 
Massive RealPlayer Exploit Embedded Attack

2008-01-07 18:58:52 by HASH0x89c7e1c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...MDAC ActiveX code execution (CVE-2006-0003) in between the following c.uc8010.com/046.htm - javascript obfuscation c.uc8010.com/r.htm - real player exploit c.uc8010.com/014.js - javascript obfuscation c.uc8010.com/111.htm - unobfuscated real player exploit ucmal.com/0.js (122.224.146.246) - another obfuscation rnmb.net/0.js says " ok! ^...
 
 
 
 
 
Malware Serving Exploits Embedded Sites as Usual

2008-01-09 18:04:58 by HASH0x8957398 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...MDAC is a fad, but the very same is getting embraced in the short-term by malicious parties in China that have also started combining the Internet Explorer VML Download and Execute Exploit (MS07-004), thanks to recent localized forum postings on modifying the third exploit. Let's assess several sample domains 8v8.biz/ms07004.htm...
 
 
 
 
 
Fake YouTube Site Serving Flash Exploits

2008-06-12 07:12:58 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...MDAC exploit, but is also serving a flash exploit which when analyzed leads us to a web based C&C of new malware kit. And although I've been aware of its existence for a while now, it's the first time I see it in action Upon analyzing yout ube-r.com (211.95.79.57) a couple of days ago, it's now returning a 403 forbidden message, however,...
 
 
 
 
 
Pinch Variant Embedded Within RussianNews.ru

2007-12-23 21:01:52 by HASH0x89b2224 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...MDAC ActiveX code execution exploit - CVE-2006-0003, the type of virtual Keep it Simple Stupid strategy of using outdated vulnerabilities I discussed before. Deobfuscation leads us to : russiannews.ru/arabic/data/news/upload/exp/exe.php Trojan-PSW.Win32.LdPinch.dzr File Size : 22016 bytes MD5 : cb0a480fd845632b9c4df0400f512bb3 SHA1 :...
 
 
 
 
 
The Dutch Embassy in Moscow Serving Malware

2008-01-28 16:07:58 by HASH0x8af6a58 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...MDAC ActiveX Code Execution Exploit Still in the Wild Malware Serving Exploits Embedded Sites as Usual Massive RealPlayer Exploit Embedded Attack A Portfolio of Malware Embedded Magazines The New Media Malware Gang The New Media Malware Gang - Part Two Another Massive Embedded Malware Attack I See Alive IFRAMEs Everywhere I See Alive IFRAMEs...
 
 
 
 
 
U.K's FETA Serving Malware

2008-02-12 09:13:31 by HASH0x8b1c460 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...MDAC ActiveX code execution (CVE-2006-0003), also responding to Silentwork.ws and Tide.ws which is deceptively forwarding to BBC's web site, deceptively in the sense that were I to use a U.K based IP to access it for instance it will try to serve the malware, thus, malware campaigners are now able to segment the malware attacks on a basis of...
 
 
 
 
 
Serving Malware Through Advertising Networks

2008-02-18 10:58:53 by HASH0x8bfe2fc in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...MDAC ActiveX code execution (CVE-2006-0003) through the Neosploit malware kit. Banner.php is for the time being loading IFRAMEs to funppc.com/cgi-bin/pl/affiliates/referral.cgi?referral=3098 (63.219.176.194 look.fxlayer.net/hop.php (87.98.255.2 hartnetwork.org/cgi-bin/in.cgi?p=1018b (216.246.31.236) - Neosploit malware kit Moreover, two...
 
 
 
 
 
Yet Another Massive Embedded Malware Attack

2008-02-27 11:42:39 by HASH0x8b05fe8 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...MDAC ActiveX Code Execution Exploit Still in the Wild Malware Serving Exploits Embedded Sites as Usual Massive RealPlayer Exploit Embedded Attack Syrian Embassy in London Serving Malware Bank of India Serving Malware U.S Consulate St. Petersburg Serving Malware The Dutch Embassy in Moscow Serving Malware U.K's FETA Serving Malware...