High-profile, legitimate site contains malware
Not only users visiting high-risk sites need avast! protection, but also, for example, visitors of the well-known site samsungimaging.net (the Samsung SMART CAMERA blog) were able to notice that their avast! protected them from a threat.
Yesterday, on this site AVAST began to detect malicious Java content.
The malicious file was called Gondvv.class, which is a well-known bad file detected by AVAST as Java:CVE-2012-0507 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0507) and Java:CVE-2012-4681 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4681) - a recently discovered zero-day exploit affecting newest version of JRE (1.7). You can find the description of exploit on Oracle's site http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html.
Inside samsungimaging.net html code we found the injected applet:
JavaX.jar contains two files, Gondzz.class and Gondvv.class, which are used for exploiting users' computers.
avast! keeps users safe even against new malware.
Innovative and infamous bank fraud groups create new security challenges for banks.
Cybercrooks could easily watch people in private and public spaces via webcams, stream the video directly to the internet, or turn the device into a bot.