Shortly after old news about the threat from SQL injection was found last week in bulk on the Internet, a new massive compromises more than half a million websites. As the malware TrendLabs blog, the threat takes the form of a standard SQL injection that some of you may have heard a lot.
The script called JS_SMALL.QT culprit was found, was by Ivan Macalintal, the threats to the Advanced Search Program Manager, in different Web sites. These sites are suspected to poor implementation of phpBB or with older versions, which exploits. This infection has been noted, had since the beginning of February this year. The site owners are invited to check their implementation of phpBB or update, indicated in an application "bug-free version.
It seems that the method of work for this Trojan horse is similar to what the experts from TrendLabs has previously seen the development of the network. Compromise sites realignment of the users on a number of other Internet pages, which ends at the end of the bill with them download the file. At the end of the track is the TROJ_ZLOB.CCW Trojans, the relocation as a video codec installed. The codec advertising itself as the only means of viewing free adult movie.
The file is hosted on the servers of Columbus (OH),
After downloading the codecs, the user with a number of Trojans discovered that are known to the victims and the local DNS settings of the Internet browser, making the system more vulnerable to potential dangers. User Web trend Micro threat protection application, they say, protected by the criminal URL.
No comments:
Post a Comment