 |
|
|
Thread Tools | Display Modes |
|
#1
07-01-2009, 01:54 AM
|
|||
|
New ad-clicker Trojan
Our Honeypots caught this drive-by download from the following site:
 Looks like another blog... the word 'porn' is used, well, abundantly. The site is registered to some guy in Panama.  Other domains sharing nameserver:  They all point to this fake codec site:  The malware file, as with many fake codecs is from exe-xxx-file.com. A quick Virus Total analysis reveals that this file is pretty much unknown to most AV vendors:  If you happen to be infected with that Trojan, it will not go un-noticed:    Those links are dangerous, stay away unless you know what you're doing. Jerome Segura Malware ID: 749ebc5c812c3d26022a4df847b11d09.zip 
|
||
|
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
