Damballa Inc. an internet security company based in Georgia - specialized in BotArmies recently discovered a worldwide mega infection of botnets and had given it a name “Kraken“. Botnets are large networks of computers being command and controlled like a zombie. The name was probably derived from which Kraken(a legendary sea monster) is seen infecting more than 400,000 computers more than the current Storm Worm of 200,000 computers.
Continue reading ‘Kraken the Botnet - recruited 400,000 systems’
Thanks to Abhor Network and Sunbelt for for alerting us about the new Storm activity. The picture of a Joker holding out an April Fool message is trying to lure users into downloading a Storm worm. The link to the Storm website arrives in your mailbox with all sorts of April Fool’s subject headers. Once at the malicious website, it will try to download either a file with name foolsday.exe, funny.exe or kickme.exe. As of now, majority of anti-virus software may not have the signature for this variant - take necessary precaution.
Continue reading ‘Storm Worm targets April Fool Day’
SANS Internet Storm Center made an alert on their website concerning a huge number of legitimate websites being hijacked by malicious iframe that will direct users to 2117966.net. Those who are using an unpatched Internet Explorer is vulnerable to this attack. According to McAfee, majority of the infected websites are running phpBB - a popular forum software. But now it seems that the attack is shifted towards .ASP pages. Further reading at SANS and McAfee.
How to protect from malicious iframe exploitation?
I would like to introduce a Sunday edition of Dr. Safemode which is the Security Weekly Review. This is where I bring to you interesting security news which are posted on other security blog compiled throughout the one week period. An exception this time because I had a busy Sunday. :p
Security Weekly Review
