728x90
 - Fake Flash Player download website | |
F-Secure researchers have spotted a large number of Trojan.JS.Blacole.Gen infections over the past days. A closer analysis has revealed an interesting malware distribution campaign. According to experts, cybercriminals have compromised a number of websites, 40% of which from Germany. They’ve taken the scripts from these sites and added malicious code. When users visit the infected sites, they get redirected to a page that instructs them to update their Flash Player in order to gain access to the content. If the victim clicks on one of the Download Now links, a file called flashplayer.exe is downloaded from a SkyDrive account. When the user executes this file, a window which reads “Installing latest Flash Player” is displayed. In the meantime, another piece of malware is downloaded from the same SkyDrive account. Additional technical details on this attack can be found on F-Secure’s blog. |
728x90
'malware ' 카테고리의 다른 글
| Windows PowerShell을 사용하여 Word 및 Excel 파일을 감염시키는 새로운 악성 프로그램의 제품군을 확인 (0) | 2014.04.03 |
|---|---|
| Macro-Enabled Files Used as Infection Vectors (Again) (0) | 2014.04.03 |
| Neutrino Delivers Fake Flash Malware Hosted on SkyDrive (0) | 2014.04.02 |
| The Gray-zone of malware detection in Android OS (0) | 2014.04.02 |
| Email with subject “FW:Bank docs” leads to information theft (0) | 2014.04.02 |