Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Amateur blog sites used in Trojan redirect campaign.

Aladdin Knowledge Systems : 01 February, 2008  (Technical Article)
Hackers have started using blogware to create phoney sites which victims land on from search engines to be redirected to pornography sites or Trojan carrying pages.
On Thursday, Jan 31st, the Aladdin eSafe Content Security Response Team uncovered a new malware infection method that lures Web surfers inquiring about security information into a security blog which then redirects them to random porn and other unwanted Web sites, infecting them with malware.

In most cases, the visitor is automatically redirected from the blog page to a randomly selected pornographic site, and in some cases, to rogue security sites (sites that offer fake security applications and actually infect with spyware or Trojans).

Blogger.com, a Google company, is the most popular free blog with tools for creating and hosting blogs. Creating and editing blogs on Blogger is fairly simple, as any users can sign up for an account, choose a template for the appearance of his blog, and be up and running within minutes. Blogger allows its users to add and arrange page elements merely by dragging and clicking. Malware distributors are utilizing this feature to plant malicious scripts inside scam-filled blogs that redirect the victim to a wide range of Web sites harbouring various kinds of malware.

The Aladdin eSafe CSRT took notice of a blog hosted on Blogger which published, to much surprise, a 2006 news entry originally posted on Aladdin.com. Visiting this blog triggers a malicious JavaScript which redirects the victim to a variety of malicious Web sites that distribute many kinds of malware -- including Trojans, backdoors, rogue applications, and more.

Features of the threat are:.

1 Blog hosted on Google - security related links.
2 Redirect automatically to random site.
3 Web site is porn (90%) or a rogue security app.
4 Site contains exploit to infect with Trojan.
5 Seemly undetectable by most AV vendors.


Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo