Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    August 2014
    S M T W T F S
    « Jul    
  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for the ‘Hacked Sites’ Category

    Last January, we talked about a critical vulnerability in Ruby on Rails (CVE-2013-0156). At the time, we pointed out that there was no known attack, but because its code had been released as part of the Metasploit exploit framework and that this would increase risks of an attack moving forward. It was only a matter of time before this can be used in an attack in the wild. We strongly urged server administrators to patch their Ruby on Rails software to ...

    Posted in Exploits, Hacked Sites | Comments Off

    Two Brazilian government websites have been compromised and used to serve malware since April 24. We spotted a total of 11 unique malware files being distributed from these sites, with filenames that usually include “update”, “upgrade”, “Adobe”, “FlashPlayer” or combinations thereof.  Besides the different filenames, these samples also have different domains where they can connect to download other malicious files, as well as varying command-and-control (C&C) servers. Based on Smart Protection Network feedback, 90% of the affected customers are from Brazil. Other affected ...

    Last week's OpUSA attacks resulted with no high-profile sites knocked offline, and damage limited to relatively unknown sites compromised and defaced. Still, the attack did show how hackers operate and "claim" their results in high-profile hacking "operations" like OpUSA. Using information provided both by the Smart Protection Network and the attackers themselves (via Pastebin), we were able to see, in part, how these attacks happen. What we found was that the attackers likely “stockpiled” an arsenal of compromised sites ahead ...

    Recent incidents highlight how frequently - and creatively - cybercriminals try to steal data. From "homemade browsers" to million-user data breaches, to the daily theft carried out every day by infostealers and phishing attacks, every day. All this stolen information ends up for sale in the underground to the highest bidder. From there, it can be used in many uniformly illegal ways - from identity theft, to credit card fraud, to launching attacks on other users. They can also be used to ...

    A new Internet Explorer zero-day exploit has been spotted in a compromised website of the US Department of Labor. When users visit the compromised website, it loads a malicious script which Trend Micro detects as JS_DLAGENT.USR. This particular script was hosted on the compromised site itself. It loads another script (this time, hosted on a malicious server) detected as JS_KILLAV.AA. Once executed, JS_KILLAVA.AA obtains specific information from the infected machine such as the installed Adobe Reader and Flash version as well as security ...

    Posted in Exploits, Hacked Sites, Malware | Comments Off


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice