Search the archives!
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-Disclosure] browser hijack by apache sites
- From: filbert at pandora.be (Filbert)
- Subject: [Full-Disclosure] browser hijack by apache sites
- Date: Thu Mar 24 03:38:42 2005
On Monday May 24 2004 14:46, Feher Tamas wrote: > Hello, > > >http://www.b00gle.com/fa/?d=get > > Starting from here, the usual combination of unpatched IE and plain > user will quickly receive a nice set of malware automatically: > Small.gl, Istbar.dw, Java_Classloader, Java_OpenStream, etc. > > The end station is probably Gator, CoolWeb, a spam proxy or > something even nastier. > > >http://www.pizdato.biz/acc1/exploit.exe > > "This file works "normally", installs itself and creates a startup key in > the Registry. It can download files from Internet. Could be classified as > a new TrojanDownloader malware" > > Sincerely: Tamas Feher. > I agree, but my concern is how does it infect apache webservers by adding this peace of malware at the bottom of a web page? -- echo "+++ATH0filb@+++ATH0filb@linuxmail.org" | sed 's/+++ATH0//g'
- References:
- [Full-Disclosure] browser hijack by apache sites
- From: Feher Tamas
- [Full-Disclosure] browser hijack by apache sites
- Prev by Date: [Full-Disclosure] irc over ssl
- Next by Date: [Full-Disclosure] Bobax and Kibuv
- Previous by thread: [Full-Disclosure] browser hijack by apache sites
- Next by thread: [Full-Disclosure] browser hijack by apache sites
- Index(es):