Armorize Technologies Blog: http://jjghui.com/urchin.js mass infection ongoing
Posted by: Wayne Huang on 10.12.2011 / Categories: Drive-by download, Mass Injection, Web malware (Credit: Wayne Huang, Chris Hsiao, NightCola Lin) Starting Oct 9th, we've been tracing an mass injection attempt. Currently, there's been 180,000 affected pages, according to Google. The attack targets visitors of six particular languages--English, German, French, Italian, Polish, and Breton, seen fro
Armorize Technologies Blog: Mass WordPress infection ongoing--most malicious domains using changeip.com
(credits: Wayne Huang, Chris Hsiao, NightCola Lin) ( To peer researchers: As we all know, researching security incidents take a lot of time and sacrifice; as if they know exactly how to make our lives harder, attackers often launch right before the weekend or a long vacation. In such an event, we often need to sacrifice our personal plans to be with our families, in order to research and publish t
Armorize Technologies Blog: k985ytv mass compromise ongoing, spreads fake antivirus
Posted by: Wayne Huang on 8.17.2011 / Categories: Drive-by download, fake antivirus, k985ytv, Mass Injection, Web malware On August 14, we started to see mass compromise of websites to inject malicious iframes that spread fake antivirus malware. The attack is ongoing, and this is our report. [Table of Contents] [1. Summary] [2. The visitor infection process] [3. The fake antivirus being spread] [4
Armorize Technologies Blog: Newest Adobe flash 0-day used in new drive-by download variation: drive-by cache, targets human rights website
(Credits: Chris Hsiao, NightCola Lin, Wayne Huang) Armorize runs one of the world's largest cloud-based Web malware scanning service, OEM'd to large security and hosting companies. Recently, we've noticed increasing use of a variation of the drive-by download attack, coupled usually with 0-days. This is our technical report on the subject. We realize in recent years, "interesting" threat names hav
Armorize Technologies Blog: willysy.com mass injection has hit more than 3.8 million pages (update: now > 8 million)
Posted by: Wayne Huang on 7.31.2011 / Categories: Drive-by download, Hosting attack, Mass Injection, osCommerce, Web malware On July 24th, we published our initial report on this willysy mass injection incident, which at that time hit around 90,000 pages. As of July 31th, Google shows more than 3,410,000 (willysy) + 386,000 (exero) = 3.8 million infected pages. Note this number is for individual i
Armorize Technologies Blog: willysy.com Mass Injection ongoing, over 8 million infected pages, targets osCommerce sites
Posted by: Chris on 7.25.2011 / Categories: Drive-by download, HackAlert, Mass Injection, osCommerce, Web malware (Credits: Wayne Huang, Chris Hsiao, NightCola Lin, Sun Huang, Crane Ku) (Initial post: July 24th) (Updated: July 30th with new infection number, source IP of attack, log entries, osCommerce vulnerabilities used, and more) (Updated: Aug 3rd with new video and new infection count: >6 mil
Armorize Technologies Blog: Mass Meshing Injection: sidename.js (now cssminibar.js) ongoing
(Credits: Wayne Huang, Chris Hsiao, NightCola Lin) (Thanks to Christian Frichot and David Taylor for providing additional info) (Original post: June 15th) (Updated: Jun 28th) A quick summary: Lizamoon Sidename.js Type of attack Mass SQL Injection Mass Meshing Injection Victim criteria Victims have to be tricked into a) downloading a binary and b) executing the binary, in order to be infected. Vict
1
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
Armorize Malware Blog: Armorize launched new service at RSA 2013: HackAlert Scanning and Forensics Extraction API for Malware, Malvertising, 0-day and APT Attacks
http://blog.armorize.com/2011/08/ongoing-k985ytv-mass-compromise.html
Armorize Technologies Blog: Willysy osCommerce injection: Over 6 million infected pages (update: now over 8 million) and a new video with new tools to do the analysis
Armorize Technologies Blog: Cambodia Government CERT website serving malware