Criminals Serve Bogus Browser Updates

[Jack]

Matthew, one of our malware researchers analyzed a Web threat that recently came to our attention thanks to a report from one of our VIPRE clients. Vkernel(dot)org (not to be mistaken with vkernel.com) is found to be a scam launchpad and houses a malicious file.

When a user visits the said dot-org site, they see this:

Read more.

 

[pcjunklist]

just a warning as well, panda url filtering, comodo dns, and norton dns all let this through!
Vkernel https://www.virustotal.com/file/1aa...0cc659f0ba21d8f9d2163a7360edf95ca8a/analysis/

 

[Jack]

just a warning as well, panda url filtering, comodo dns, and norton dns all let this through!
Vkernel https://www.virustotal.com/file/1aa...0cc659f0ba21d8f9d2163a7360edf95ca8a/analysis/

At least the antivirus engine does detect the malicious download ....
Google Chrome blocks the download by default while Firefox Antivirus scan doesn't detect a thing....

Anubis Report : http://anubis.iseclab.org/?action=result&task_id=1da85bd9b2f21aa44b571ee251a8cfee6&format=html

 

[pcjunklist]

yep almost all the major AV companies have blocked the attack. Remember browser addons as well to stay safe, noscript blocks it completely and WOT accurately portrays it as having a poor rating.

 

[Hungry Man]

DejaVous, seen this so many times before with bogus plugins and in fact just a few months ago it was bogus Firefox updates (taking advantage of the rapid release cycle I think.)