Storm Botnet Spreading Malware Through GeoCities

Delicon

"Storm, the botnet-building Trojan horse, has come up with another twist to dupe users into infecting their PCs with malware, a security researcher said today.

"Longtime clients of the Russian Business Network (RBN), a notorious hacker- and malware-hosting network that mysteriously vanished last week after shifting operations from St. Petersburg, Russia, to Shanghai, are involved in the attack, said Paul Ferguson, network architect at Trend Micro Inc. (((I don't much want to believe this assertion, because I really don't like the implications of that. Not a very good reason not to believe it.)))

Yesterday, Trend watched as existing bots controlled by Storm were seeded with new spam templates that included links to sites on GeoCities, the free Web hosting service owned by Yahoo Inc. Today, Storm kicked off the new attacks. (((I'd love to read the biography of just one of these Storm pilots.)))

"This has developed into a full-fledged attack vector," Ferguson said.

The GeoCities sites are infected with malicious JavaScript code that redirects the user's browser to secondary URLs hosted in Turkey, Ferguson said. The Turkish URLs, meanwhile, try to persuade the user to download a new codec that's supposedly necessary to view images on the GeoCities sites.

According to Trend Micro's analysis, the bogus codec -- which claims to be for the 360-degree IPIX format -- is actually an identity- and information-stealing piece of malware.

Fake codecs have become the latest choice of hackers, with several notable attacks recently relying on users' naivete about what a codec is, why it might be necessary and why they can be untrustworthy.

The attacks last week that originated at hacked MySpace pages -- including R&B singer Alicia Keys' -- touted phony codecs, for example.

That Storm has turned to hyping codecs tells Ferguson that the botnet's controllers are nimble and flexible in their approach to social engineering. (((Boy are they ever. It's like they're from another planet.)))

"They're intertwining codecs with other types of social engineering," he said.

By his reckoning, Storm has become much more than just a name for a malware family. "It's actually a covert channel of distribution for these [bad] guys," he said. "It's a communication network...."
wired.com
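
The chain the article describes (a page on free hosting, a script-driven hop to a secondary site, then a "codec" download) can be hunted for in web proxy logs. The following is an added example, not part of the original post or of Trend Micro's analysis; the record layout, the 120-second window, the `.example` host names and the assumption that the browser sends a Referer on each hop are all constructed for illustration.

```python
from urllib.parse import urlsplit
import posixpath

FREE_HOSTS = ("geocities.com",)  # free hosting service named in the article
EXEC_TYPES = {"application/x-msdownload", "application/octet-stream"}
WINDOW = 120  # seconds between the off-site hop and the download (assumed)

# Constructed sample records: (epoch_seconds, client, url, referer, content_type)
SAMPLE = [
    (1000, "10.0.0.5", "http://www.geocities.com/user1/pics.html", "", "text/html"),
    (1002, "10.0.0.5", "http://viewer.example/show.php?id=7",
     "http://www.geocities.com/user1/pics.html", "text/html"),
    (1030, "10.0.0.5", "http://viewer.example/dl/ipix_codec_setup.exe",
     "http://viewer.example/show.php?id=7", "application/octet-stream"),
    (1105, "10.0.0.9", "http://www.geocities.com/user2/cat.jpg",
     "http://www.geocities.com/user2/index.html", "image/jpeg"),
    (2000, "10.0.0.7", "http://vendor.example/files/codec_pack.exe",
     "http://vendor.example/downloads.html", "application/octet-stream"),
]

def host(url):
    return (urlsplit(url).hostname or "").lower()

def on_free_host(url):
    h = host(url)
    return any(h == d or h.endswith("." + d) for d in FREE_HOSTS)

def is_codec_executable(url, ctype):
    # File name advertises a codec and the response is an executable.
    name = posixpath.basename(urlsplit(url).path).lower()
    return "codec" in name and (name.endswith(".exe") or ctype in EXEC_TYPES)

def find_codec_lure_chains(records):
    """Return (client, landing_page, hop_url, download_url) for each full chain."""
    hops = {}    # (client, off-site host) -> (time, landing page, hop url)
    alerts = []
    for ts, client, url, referer, ctype in sorted(records):
        # Step 1: a free-hosted page sends the client to a different site.
        if referer and on_free_host(referer) and not on_free_host(url):
            hops[(client, host(url))] = (ts, referer, url)
        # Step 2: that site then serves a "codec" executable within the window.
        seen = hops.get((client, host(referer))) if referer else None
        if seen and ts - seen[0] <= WINDOW and is_codec_executable(url, ctype):
            alerts.append((client, seen[1], seen[2], url))
    return alerts
```

Only the first client is flagged: the second stays on the hosting service, and the third downloads a codec installer with no free-hosted page leading to it.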
 