Shortly after 10:00am Jun 25th 2013, many government websites from South Korea were not accessible. It was actually caused by the malware performing ddos attack on 2 major DNS servers (ns.gcc.go.kr and ns2.gcc.go.kr).Original Attack VectorDuring the investigation, we managed to find the original attack sample which was served by a compromised website at that time […]
Fake Flash updates are leveraged as a very popular trick amongst attackers to fool users into downloading and installing malware. This week we found a three websites distributing Win32.Sanity.N malware disguised as Flash updates: hxxp://kivancoldu.com/, redirects to hxxp://click-videox.com/ http://kivancoldu.com on 05/02/2013 hxxp://fastcekim.com/, redirects to hxxp://click-videox.com/ hxxp://kivanctatlitug.tk/ d(down) hxxp://kivanctatlitug.tk/ The fake warning at the top of […]
Recently, we have come across a Brazilian trojan horse trying to steal online banking credentials, again. This information is not surprising at all as Brazil is still one of the top countries producing this kind of malware. Quality of these samples varies along with the techniques used to fool the online banking users but the […]
Latest Comments