Archive for September, 2008

Porn Trojan Talks

Listen to Yourself by

Go Hawks!!!

As the grand final kicks off, today is the most spectacular moment for Aussie sporting events.

I love underdogs, Go Hawks!

After 5 hours:

Hawks won! If you know the story behind this game, it was indeed mission impossible for the Hawthorn Hawks to beat the Geelong Cats, but amazingly they won by 26 points (115/89). Life is full of surprises!

[Read Real Footy]

Good thing, there’s NO malware relating to this event!(“,)

Non-Win32 Malicious Files

There are heaps of non-Win32 malicious files currently in the wild. These files are crafted to allow attackers to remotely execute arbitrary code. Although they exploit known vulnerabilities, attackers still find them useful because most of us do not bother applying security updates. The effect is mass installation of various threats on your computer.

FileType: SWF
Solution: Flash Player Update

FileType: RIFF Windows Animated Cursor
Solution: Microsoft Security Bulletin MS07-017

FileType: PDF
Solution: Adobe Reader and Acrobat Security Update

FileType: RAR
Solution: Update to latest version (version 3.61 and onwards)

Other malicious files that do not rely on an exploit:

FileType: DOC, Excel, PPT, JPEG, CHM
Behaviour: Drops and installs a malicious EXE file

FileType: ASF (Windows Audio/Video Files)
Behaviour: Connects to a remote IP address to download a malicious EXE file

For these kinds of files, please make sure they come from a trusted source and make sure you have security software installed with up-to-date signatures.
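The file types above can be recognised by their leading bytes rather than by file name, which is how a mail or proxy filter would decide which of the listed updates matters for a given attachment. The following is an added example, not code from the original post; the function names, the extension sets and the sample input are assumptions constructed for illustration.

```python
# Added example: identify the file types listed above by content, not by name.
# Signatures are the formats' standard magic values; the sample is constructed.
import os

ASF_GUID = bytes.fromhex("3026b2758e66cf11a6d900aa0062ce6c")  # ASF header object
OLE2 = bytes.fromhex("d0cf11e0a1b11ae1")  # container used by DOC/XLS/PPT

# label -> (extensions normally used, note taken from the list above)
KNOWN = {
    "SWF": ({".swf"}, "Flash Player update"),
    "ANI": ({".ani"}, "MS07-017"),
    "PDF": ({".pdf"}, "Adobe Reader and Acrobat security update"),
    "RAR": ({".rar"}, "update the archiver (3.61 onwards)"),
    "OLE2": ({".doc", ".xls", ".ppt"}, "may drop an EXE; check the source"),
    "JPEG": ({".jpg", ".jpeg"}, "may drop an EXE; check the source"),
    "CHM": ({".chm"}, "may drop an EXE; check the source"),
    "ASF": ({".asf", ".wmv", ".wma"}, "may fetch an EXE; check the source"),
}

def identify(data: bytes) -> str:
    """Return a label from KNOWN, or 'UNKNOWN', based on leading bytes only."""
    if data[:3] in (b"FWS", b"CWS"):          # plain / zlib-compressed Flash
        return "SWF"
    if data[:4] == b"RIFF" and data[8:12] == b"ACON":
        return "ANI"
    if b"%PDF-" in data[:1024]:               # header may follow leading junk
        return "PDF"
    if data[:7] == b"Rar!\x1a\x07\x00":
        return "RAR"
    if data[:8] == OLE2:
        return "OLE2"
    if data[:3] == b"\xff\xd8\xff":
        return "JPEG"
    if data[:4] == b"ITSF":
        return "CHM"
    if data[:16] == ASF_GUID:
        return "ASF"
    return "UNKNOWN"

def triage(filename: str, data: bytes) -> dict:
    """Report detected type, whether the extension agrees, and the listed advice."""
    kind = identify(data)
    exts, advice = KNOWN.get(kind, (set(), "no advice listed"))
    ext = os.path.splitext(filename)[1].lower()
    return {"file": filename, "type": kind,
            "extension_matches": ext in exts, "advice": advice}

if __name__ == "__main__":
    # Constructed sample: animated-cursor content carrying a .jpg name.
    print(triage("holiday.jpg", b"RIFF\x24\x00\x00\x00ACONanih"))
```

A file whose detected type disagrees with its extension is worth a closer look before it reaches a desktop application.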

Related Post:
Inside Exploited PDF
ASF File Specification & Recent Threats
Malicious CHM

First Day of Spring


We still feel the cold weather here in Melbourne, but Google just reminded me that it’s already Spring!

Latest Blog Post by malware

I found this in my (wordpress) dashboard at the lower right …

Once you click the link, it will create the following traffic in background …

Good thing there was no DMG file for Mac OS X; instead, it tries to download an EXE file for unfortunate, innocent Windows users. The file is a Trojan downloader.

After a few hours, WordPress responded to this malicious activity…

Stay informed!

Top Posts from WordPress

Notice, “Oprah Winfrey’s Death”…

It’s been all over the internet, but it is definitely coming from an unreliable source. It’s just a sick hoax!

For sure, people started searching for and verifying this information online, but be careful of dodgy websites! You might bump into drive-by download servers.