lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <200405241636.14616.filbert@pandora.be> From: filbert at pandora.be (Filbert) Subject: browser hijack by apache sites On Monday May 24 2004 14:46, Feher Tamas wrote: > Hello, > > >http://www.b00gle.com/fa/?d=get > > Starting from here, the usual combination of unpatched IE and plain > user will quickly receive a nice set of malware automatically: > Small.gl, Istbar.dw, Java_Classloader, Java_OpenStream, etc. > > The end station is probably Gator, CoolWeb, a spam proxy or > something even nastier. > > >http://www.pizdato.biz/acc1/exploit.exe > > "This file works "normally", installs itself and creates a startup key in > the Registry. It can download files from Internet. Could be classified as > a new TrojanDownloader malware" > > Sincerely: Tamas Feher. > I agree, but my concern is how does it infect apache webservers by adding this peace of malware at the bottom of a web page? -- echo "+++ATH0filb@...ATH0filb@...uxmail.org" | sed 's/+++ATH0//g'
Powered by blists - more mailing lists