10-22-2009, 09:34 PM
Michael
Administrator
Spy on your wife, get infected

Our HoneyPots caught this site, spymycomputer.com, and one of its products, "spy man".

[image: spyman]

I decided to take a closer look:

First, as reported by our HoneyPots, the site initiates two drive-bys:

[image: driveby]

The drive-by files are not very well detected yet, as this VirusTotal scan shows:

http://www.virustotal.com/analisis/e1eb5f2d9df855c9ed33ea76908c79a8e57bef0c505225b3945c910c200bb6e8-1256205382

The source code of spymycomputer.com contains 3 iframes:

[image: url]

frantsuz.com was listed by Google: http://google.com/safebrowsing/diagnostic?site=frantsuz.com/

abbcp.cn is already blacklisted by our friend Steven Burn over at hpHosts:

[image: hp]

As for the software itself, "Spy Man", you may want to think twice before installing it:

[image: vt2]

Key logging programs have always had a bad reputation... Well, the name itself, "Spy Man", sounds a little bit like a Cold War espionage character ;-)

Jerome Segura

Malware ID: 8cbe7e2692a5bdaabfc6b2253c7624e7.zip

Malware ID: f00173d0a26085d3333578f2d90e5c64.zip
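
Added example, not part of the original post: a triage script that follows the steps described above, pulling the iframe sources out of a page's HTML and checking each host against a hosts-format blocklist such as hpHosts. The sample HTML, the host names and the blocklist entries are constructed placeholders, and matching on parent domains is a choice made here, not something the post specifies.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample page; the host names are placeholders, not those from the post.
SAMPLE_HTML = """<html><body><h1>Monitoring software</h1>
<iframe src="http://ads.bad-example.test/in.php" width="1" height="1"></iframe>
<IFRAME SRC="//cdn.other-example.test/x" style="display:none"></IFRAME>
<iframe src="/local/help.html"></iframe>
<iframe src="http://video.fine-example.test/embed/1"></iframe>
</body></html>"""

# Constructed blocklist in hosts-file format: "<address> <host> [# comment]".
SAMPLE_HOSTS = """# comment line
127.0.0.1 bad-example.test
127.0.0.1 cdn.other-example.test  # inline comment
"""

class IframeCollector(HTMLParser):
    """Collects the src attribute of every iframe (tag names arrive lowercased)."""
    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        src = dict(attrs).get("src")
        if tag == "iframe" and src:
            self.sources.append(src)

def parse_hosts(text):
    """Return the set of host names listed in hosts-format text."""
    blocked = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop comments, split on blanks
        if len(fields) >= 2:
            blocked.update(h.lower() for h in fields[1:])
    return blocked

def is_blocked(host, blocked):
    """True if the host or any parent domain is listed (assumption: parent match)."""
    labels = host.lower().rstrip(".").split(".")
    return any(".".join(labels[i:]) in blocked for i in range(len(labels)))

def flag_iframes(html, hosts_text):
    """Return (host, listed) for every iframe that points at another host."""
    collector = IframeCollector()
    collector.feed(html)
    blocked = parse_hosts(hosts_text)
    hosts = [urlparse(src).hostname for src in collector.sources]
    return [(h, is_blocked(h, blocked)) for h in hosts if h]  # skip relative URLs

if __name__ == "__main__":
    for host, listed in flag_iframes(SAMPLE_HTML, SAMPLE_HOSTS):
        print(f"{'BLOCKLISTED' if listed else 'not listed':12} {host}")
```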