Analysis: Kevin Savage Following our recent blog post on malicious Web injects, here is an example affecting the distribution of a malicious Android application. This is an example of a traditional type but on a larger scale. Those of us in the security industry are well aware of a certain email address—[email protected]—which registers domains consistently […]
The ISC is warning of an injection attack using the domain nikjju.com. The WHOIS details of this domain are very familiar: Registrant Contact: JamesNorthone James Northone [email protected] +1.5168222749 fax: +1.5168222749 128 Lynn Court Plainview NY 11803 us The hotmailbox.com domain is a sign of evil, and these are likely […]
We posted a few days ago about a Mass SQL injection campaign that has been compromising thousands of sites. Our latest numbers show more than 200,000 pages got infected with the nikjju.com malware. However, since the last two days, the attackers switched domain names and are now using hgbyju.com to distribute their malware (also hosted […]
Latest Comments