Fake virustotal website propagated java worm

Status
Not open for further replies.
Jack

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,378
The infection strategies using java script technology are on the agenda and that because of his status as a "hybrid", criminals looking to expand its coverage of attack recruiting infected computers regardless of the browser or operating system you use.

In terms of criminal activities, the techniques of Drive-by-Download by injecting malicious java script in different websites, are a combo of social engineering that requires users to increasingly sharpen the senses of "detection".

During this weekend, Kaspersky Labs encountered a fake website of the popular system analyzes suspicious files Virustotal, by Hispasec company, touted to infect users through the methods mentioned above.
208188087.png


A view of users, the website looks the same way as the original. However, hidden in the source the parameters needed to infect the system through a java applet through which discharge completely silent malware detected by Kaspersky Lab as Worm.MSIL.Arcdoor.ov.

208188088.png


More details - link
Click to expand...
 
D

Deleted member 178

hahaha they becomes smarter ^^

using a renown anti-malware site to infect people. i will not be trapped, i use VT uploader ^^
 
Tom172

Tom172

Level 1
Feb 11, 2011
1,009
I'd like to know the domain name. It'd be interesting to know if they're using typosquatting or random domain names.
 
Jack

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,378
Seems like those guys were committed to infect some users........They've replicated the virustotal.com look in every detail.....colors,tabs,about...etc..
208188087.png

The technique used to spread the malware isn't unique or original....so - 1.

@eXp thank you for the link..the site is down:p ..
 
H

HeffeD

Level 1
Feb 28, 2011
1,690
Jack said:
Seems like those guys were committed to infect some users........They've replicated the virustotal.com look in every detail.....colors,tabs,about...etc..
Click to expand...

They wouldn't have to replicate anything. It's not difficult to rip a website. I'm sure they used all the same content from the actual VT site. If they were really bold, they might have even been dragging the images from VT instead of hosting them on their own server.
 
jamescv7

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Really convincing the fake site of virustotal was fully copied like the original one.
 
Status
Not open for further replies.

Similar threads

Gandalf_The_Grey
    • Like
Security News Fake Google Meet conference errors push infostealing malware
Replies
2
Views
1,317
Security News
Andy Ful
Andy Ful
gfgtkitkat34
    • Like
Question I accidentally clicked cancel on a fake virus warning popup instead of closing the browser tab. Am I in any danger?
Replies
10
Views
525
Kaspersky
Jonny Quest
Jonny Quest
enaph
    • +Reputation
    • Like
    • Wow
Scams & Phishing News Microsoft “Poisons” Phishing Data With Fake Creds to Catch Hackers
Replies
0
Views
1,365
Security News
enaph
enaph

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top