Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    April 2014
    S M T W T F S
    « Mar    
  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for the ‘Hacked Sites’ Category

    When it comes to cybercriminal targets, it truly is a popularity contest. Multiple sites were found compromised, including those popular with Japanese users. There were 40 compromised domains identified using feedback provided by Trend Micro Deep Discovery; since yesterday almost 60,000 hits have been recorded on these sites. One of the compromised sites contains an obfuscated JavaScript (detected as JS_BLACOLE.SMTT) designed to load a hidden iframe that loads behind the user’s browser. Figure 1. Encrypted JavaScript inserted onto compromised site Figure 2. Decrypted ...

    Posted in Exploits, Hacked Sites, Malware | Comments Off

    Last January, we talked about a critical vulnerability in Ruby on Rails (CVE-2013-0156). At the time, we pointed out that there was no known attack, but because its code had been released as part of the Metasploit exploit framework and that this would increase risks of an attack moving forward. It was only a matter of time before this can be used in an attack in the wild. We strongly urged server administrators to patch their Ruby on Rails software to ...

    Posted in Exploits, Hacked Sites | Comments Off

    Two Brazilian government websites have been compromised and used to serve malware since April 24. We spotted a total of 11 unique malware files being distributed from these sites, with filenames that usually include “update”, “upgrade”, “Adobe”, “FlashPlayer” or combinations thereof.  Besides the different filenames, these samples also have different domains where they can connect to download other malicious files, as well as varying command-and-control (C&C) servers. Based on Smart Protection Network feedback, 90% of the affected customers are from Brazil. Other affected ...

    Last week's OpUSA attacks resulted with no high-profile sites knocked offline, and damage limited to relatively unknown sites compromised and defaced. Still, the attack did show how hackers operate and "claim" their results in high-profile hacking "operations" like OpUSA. Using information provided both by the Smart Protection Network and the attackers themselves (via Pastebin), we were able to see, in part, how these attacks happen. What we found was that the attackers likely “stockpiled” an arsenal of compromised sites ahead ...

    Recent incidents highlight how frequently - and creatively - cybercriminals try to steal data. From "homemade browsers" to million-user data breaches, to the daily theft carried out every day by infostealers and phishing attacks, every day. All this stolen information ends up for sale in the underground to the highest bidder. From there, it can be used in many uniformly illegal ways - from identity theft, to credit card fraud, to launching attacks on other users. They can also be used to ...


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice