While we were researching the websites currently serving the new Microsoft Internet Explorer (IE) zero-day threat, we found that the new attack is being piggybacked on a slightly older attack aimed on industrial companies’ websites.
The hacked legitimate websites contain on their main pages a hidden iframe.
It was brought to our attention by this thorough Eric Romang article that a new zero-day exploit (an exploit actively used by cybercriminals in the wild) targets a bug in Microsoft’s Internet Explorer (IE) 7 & 8, and with some help from Java, it could be also exploited on IE 9, as confirmed by the Metasploit firm. At this time, as there is yet no patch from Microsoft, what can you do?
I’m not sure if I mentioned this already, but my wife went for a week-long holiday with friends last Friday therefore I’m quite busy babysitting this week, taking care of the kids and household, and, not surprisingly, running out of steam. That is my excuse for just having a very short post today. But back to the subject:
Do you know what is the ultimate irony in the life of a virus analyst?
This is when he needs some books about coding (actually, a book on subject “language of math”) and the special online shop that deals with this kind of literature is itself infected… The bug name is “VBS:Obfuscated-gen” and because the site is still infected, I won’t disclose its name. Who knows. You might get tempted to go look around the site for some math or coding literature.
… and Michal (the victim) thank you for the tip
Osama Bin Laden is the face of malware for the first week of May, replacing Soviet cosomonaut Yuri Gagarin.
Within hours of his death, a reputed picture of a bloody Bin Laden was making the rounds on the Internet. On close inspection, this picture appeared to be a heavily-altered version of much older photo. Regardless of whether this specific picture was accurate or not – it was still enough to make Bin Laden a momentary hit on the internet with cybercriminals. Here are four reasons why:
- High number of searches- The large number of internet searches is an irresistible target for cybercriminals. Especially because the process of infecting sites and web searches is automatic and driven by the searches of normal users- like you.
- Limited (no) official sources for information – The lack of an official picture means people are clicking anywhere for data, even on those unusual sites that they would never normally visit. Read more…