Status
Not open for further replies.

Jack

Administrator
Verified
Staff member
Infection strategies using JavaScript technology are on the agenda, and because of its status as a "hybrid", criminals are looking to expand their attack coverage, recruiting infected computers regardless of the browser or operating system in use.

In terms of criminal activities, Drive-by-Download techniques that inject malicious JavaScript into different websites are a combo of social engineering that requires users to increasingly sharpen their senses of "detection".

During this weekend, Kaspersky Labs encountered a fake website of Virustotal, the popular system for analyzing suspicious files by the company Hispasec, touted to infect users through the methods mentioned above.

From the user's point of view, the website looks the same as the original. However, hidden in the source are the parameters needed to infect the system through a Java applet, which completely silently downloads malware detected by Kaspersky Lab as Worm.MSIL.Arcdoor.ov.



More details - link
 

Deleted member 178

hahaha they become smarter ^^

Using a renowned anti-malware site to infect people. I will not be trapped, I use VT uploader ^^
 

Tom172

New Member
I'd like to know the domain name. It'd be interesting to know if they're using typosquatting or random domain names.
 

Jack

Administrator
Verified
Staff member
Seems like those guys were committed to infecting some users... They've replicated the virustotal.com look in every detail... colors, tabs, about... etc.

The technique used to spread the malware isn't unique or original....so - 1.

@eXp thank you for the link..the site is down:p ..
 

HeffeD

New Member
Jack said:
Seems like those guys were committed to infecting some users... They've replicated the virustotal.com look in every detail... colors, tabs, about... etc.

They wouldn't have to replicate anything. It's not difficult to rip a website. I'm sure they used all the same content from the actual VT site. If they were really bold, they might have even been dragging the images from VT instead of hosting them on their own server.
 