Criminals Serve Bogus Browser Updates

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,379
GFI said:
Matthew, one of our malware researchers analyzed a Web threat that recently came to our attention thanks to a report from one of our VIPRE clients. Vkernel(dot)org (not to be mistaken with vkernel.com) is found to be a scam launchpad and houses a malicious file.

When a user visits the said dot-org site, they see this:
fake-browser_img01.png


Read more.
 

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,379
pcjunklist said:
just a warning as well, panda url filtering, comodo dns, and norton dns all let this through!
Vkernel https://www.virustotal.com/file/1aa...0cc659f0ba21d8f9d2163a7360edf95ca8a/analysis/
At least the antivirus engine does detect the malicious download ....
Google Chrome blocks the download by default while Firefox Antivirus scan doesn't detect a thing....
k6eWk.png


Anubis Report : http://anubis.iseclab.org/?action=result&task_id=1da85bd9b2f21aa44b571ee251a8cfee6&format=html
 

pcjunklist

Level 1
Dec 28, 2011
523
yep almost all the major AV companies have blocked the attack. Remember browser addons as well to stay safe, noscript blocks it completely and WOT accurately portrays it as having a poor rating.
 

Hungry Man

New Member
Jul 21, 2011
669
DejaVous, seen this so many times before with bogus plugins and in fact just a few months ago it was bogus Firefox updates (taking advantage of the rapid release cycle I think.)
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top