Malicious code in your future
Thu Mar 27, 08 09:50 AM | Category: P.C issues
We have observed some suspicious activity on the Chinese Yahoo astrology site, http://astrology.cn.yahoo.com. Upon investigation, we determined that the site in question contained an iframe that was linking to the domain luckty.com, an astrology-based match finding company. This page contained an embedded iframe that linked to a malicious site that was exploiting the Real Player ierpplug.dll ActiveX Control Buffer Overflow Vulnerability and the MSIE ADODB.Stream Object File Installation Weakness to download malicious code onto a compromised machine.
The downloaded malicious code samples are detected as Downloader with definitions version 03/22/2008 revision 2 and later.
Posted by Hannah Chen on March 24, 2008 05:00 AM
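
An added example, not part of the original post: a site owner's audit that lists iframes pointing outside an allowlist and follows them through saved page snapshots, so a nested embed like the one described above is reported too. The snapshot markup, the allowlist entry and the host malicious.example are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class IframeCollector(HTMLParser):  # gathers the src of every <iframe>
    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        src = dict(attrs).get("src")
        if tag == "iframe" and src:
            self.sources.append(src.strip())


def third_party_iframes(page_url, html, allowed_hosts):
    """Iframe URLs whose host is not the page's host or an allowed host/subdomain."""
    trusted = {h.lower() for h in [urlsplit(page_url).hostname, *allowed_hosts] if h}
    parser = IframeCollector()
    parser.feed(html)
    flagged = []
    for src in parser.sources:
        absolute = urljoin(page_url, src)  # resolves relative and //host forms
        host = (urlsplit(absolute).hostname or "").lower()
        # Non-HTTP srcs (data:, javascript:) have no host and are flagged as well.
        if not any(host == t or host.endswith("." + t) for t in trusted):
            flagged.append(absolute)
    return flagged


def iframe_chain(pages, start_url, allowed_hosts, max_depth=3):
    """Follow flagged iframes through `pages` (URL -> HTML); return (parent, child) edges."""
    edges, queue, seen = [], [(start_url, 0)], {start_url}
    while queue:
        url, depth = queue.pop(0)
        for child in third_party_iframes(url, pages.get(url, ""), allowed_hosts):
            edges.append((url, child))
            if child not in seen and depth + 1 < max_depth:
                seen.add(child)
                queue.append((child, depth + 1))
    return edges


# Constructed snapshots mirroring the chain in the post; markup is invented.
START = "http://astrology.cn.yahoo.com/"
PAGES = {
    START: '<iframe src="/daily.html"></iframe><iframe src="http://luckty.com/"></iframe>',
    "http://luckty.com/": '<IFRAME SRC="//malicious.example/x.htm"></IFRAME>',
}
```

Calling iframe_chain(PAGES, START, ["yahoo.com"]) returns one edge per hop, which gives the site owner both the unexpected embed and what that embed itself loads.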
Link: http://blog.bitcomet.com/webtalk/post_20279/