RFI Attacks

Suspected Attacks 366086


Real Host, Latvia – RBN Resurgence or Clone

A couple of days ago I was investigating an attack that a reader submitted to me that was related to the recent nine ball attacks as reported by WebSense. (Part 1 | Part 2)
The attackers use the same techniques to exploit victims but this time have moved to new domains and updated their payloads. There [...]

Nine-Ball followup now with video! Part 2

As a follow-up to my previous post, here is the next video depicting the second portion of the attack. For URLs, Virustotal results, etc., refer back to Part 1. All analysis is conducted with Malzilla.

To give you some additional insight into the attack, I am also able to share the contents of a hacked [...]

Nine-Ball followup now with video! Part 1

A reader was gracious enough to share some information with me on the events surrounding the compromise of a website of his. The site was compromised via stolen FTP credentials, which has been a technique employed by major Internet threats such as Gumblar and Nine-ball recently. This will be a two-part post.
Let's take [...]

Major Report Coming via HostExploit team

It’s been a while since I posted, unfortunately, but it’s not due to a lack of attacks to talk about! Some time ago I was approached by the Host Exploit open source security research group and they asked me if I would help contribute to their efforts. This is the group that put together [...]

One Click Hosting Spreads Banking Trojan

While this is not totally new, I only recently came across my first event involving a one click host serving malware. What is one click hosting? These are providers which you have probably heard of before such as RapidShare, Megaupload, yousendit and many, many more. Wikipedia has a listing of many of them. These providers [...]