    Mar 11
    10:43 pm (UTC-7)   |    by

    TrendLabs has gotten word that the official Web site of Swedish rock band The Hives, hxxp:// thehivesbroadcastingservice.com, got hacked. This attack coincides with the US leg of the band’s ongoing tour before they move on to the UK next month. The compromised site incidentally provides tour dates.

    An iFrame was found to be inserted into the page, pointing to another page that redirects to hxxp://coripastares.com/in.php?adv=321&val=b81267. This URL hosts a malicious JavaScript detected as JS_PSYME.FE, which then tries to install TROJ_DROPPER.ALS.

    TrendLabs anti-malware engineers have downloaded the HTML file where the malicious iFrame was inserted. This HTML file with the malicious iFrame is now detected as HTML_IFRAME.JF.
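A site owner can check saved pages for this kind of injection by listing every iframe that loads from a host the site does not control. The following is an added example, not TrendLabs code; the hostnames and sample page are constructed, and treating 0/1-pixel or CSS-hidden frames as suspicious is an assumption, since the post does not say how the injected iFrame was styled.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
import re

# Constructed sample page: a same-site frame, a hidden off-site frame,
# and a visible off-site video embed.
SAMPLE_HTML = """<html><body>
<h1>Tour dates</h1>
<iframe src="/player/embed.html" width="400" height="120"></iframe>
<iframe src="http://redirector.example.net/go.html" width="1" height="1"
        style="visibility:hidden"></iframe>
<iframe src="//video.example.org/embed/42" width="560" height="315"></iframe>
</body></html>"""

HIDDEN_STYLE = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.I)


class IframeAuditor(HTMLParser):
    """Records each iframe whose src points at a host outside the trusted set."""

    def __init__(self, site_host, allowed_hosts=()):
        super().__init__()
        self.trusted = {site_host.lower(), *(h.lower() for h in allowed_hosts)}
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = {k: (v or "") for k, v in attrs}
        host = (urlparse(a.get("src", "")).hostname or "").lower()
        if not host or host in self.trusted:
            return  # relative URL (same site) or explicitly trusted host
        # Assumed heuristic: a 0/1-pixel or CSS-hidden frame is not meant to be seen.
        tiny = any(a.get(d, "").strip() in {"0", "1"} for d in ("width", "height"))
        hidden = tiny or bool(HIDDEN_STYLE.search(a.get("style", "")))
        self.findings.append({"host": host, "hidden": hidden, "line": self.getpos()[0]})


def audit(html, site_host, allowed_hosts=()):
    """Return a list of off-site iframes found in html, in document order."""
    parser = IframeAuditor(site_host, allowed_hosts)
    parser.feed(html)
    parser.close()
    return parser.findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_HTML, "band.example", allowed_hosts=["video.example.org"]):
        print(finding)
```

An iframe written into the page by script at load time never appears as a tag in the static file, so a clean result from this check does not clear the page on its own.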

    Trend Micro also now detects the file downloaded from the URL hxxp://coripastares.com/adw_files/100/da41bcd6/install.exe as TROJ_SMALL.AYR, which installs a host of other malware detected as TROJ_RENOS.LA, TROJ_AGENT.AEUM, and TROJ_WANTVI.E.

    As if those malicious scripts and Trojans were not enough, this malware also downloads adware detected as ADW_REANIMATOR from the following site:

    • hxxp://www.winreanimator.com/inst/1017/74c321f6c3d70a510c6436c9b79f8090/9/Installer2.exe

    By virtue of their popularity, music bands are almost a given as effective tools for social engineering. Last November, pianist and singer Alicia Keys’ MySpace Web page was compromised: a background image was injected into it, redirecting to malicious sites supposedly located in China. Users were then prompted to download a fake video codec, which was actually a ZLOB Trojan.

    Trend Micro strongly encourages you to update your pattern files regularly. Doing so will protect you from the latest as well as older malware threats.

    Image courtesy of im-glowing.blogspot.com

    Note from Paul Ferguson, Advanced Threats Research: We love The Hives. We just hate malware & cyber criminals.




