Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
  • Email Subscription

  • About Us

    A site dubbing itself as the world’s largest podcast directory has been compromised! Even Google cautions about visiting the site, warning the user that it “may harm your computer.”

    The site, hxxp://, seemingly contains a redirector string, such that a visit to the site’s main page (hxxp:// will automatically lead users to http://www.{BLOCKED}, which in turn downloads a malicious file from http://www.{BLOCKED} Trend Micro detects the downloaded file as TSPY_WOWAR.AG.

    Once again playing culprit to this series of redirections is injected code, which has been obviously obfuscated to deter possible analysis. Obfuscation — normally done to protect direct copying of personal code — may actually prove detrimental to a malware (spyware) author in this case, as it may be proof enough that a chunk of illegible characters is present in a fully legitimate site.

    Diligence is required of any Webmaster, and indeed much of it is needed in this robust era of Web threats. Such is truly applicable if one plans to call itself as the “largest podcast directory” on the Net, as malware writers are all too eager — and fully capable — to transform this “largest directory” to serve heapings of malicious intent.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon

    Comments are closed.


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice