    TrendLabs Security Intelligence Blog

    Author Archive - Maharlito Aquino (Threat Research)




    Earlier the other day, I was browsing through the Yahoo! PH site and the Yahoo! Purple Hunt 2.0 ad caught my attention.

    Curious, I clicked the ad and found my browser downloading a suspicious file named com.com.

    Apparently, this ad redirected me to a randomly generated URL similar to the following, which unfortunately led to the malicious download:

    • hxxp://want6.{BLOCKED}.com/se/3da19bea8f9c03e96c9b1acad9cce5a88a2244f0a34d69
      c09b8d3198b2797726789be0228c0df3c762ed088a2327b07f4a183fa6fa753b0acfd7f0afc2d2b
      13b801ba978269fcda413f53e/960b0a2a/com.com
    • hxxp://nose8.{BLOCKED}.com/se/3da19bea8f9c03e96c9b1acad9cce5a88a2244f0a34d69c
      09b8d3198b2797726789be0228c0df3c762ed088a2327b07f4a183fa6fa753b0acfd7f0afc2d2b
      13b801ba978269fcda413f53e/960b0a2a/com.com
    • hxxp://letter6.{BLOCKED}.com/se/3da19bea8f9c03e96c9b1acad9cce5a88a2244f0a34d69c0
      9b8d3198b2797726789be0228c0f3c762ed088a2327b07f4a183fa6fa753b0acfd7f0afc2d2b13
      b801ba978269fcda413f53e/785c08d8/com.com

    Below is a screenshot of the file download dialog box.
