I�ve blogged before about the problem of Google Adwords pushing Antivirus XP Antivirus 2008. The situation is still ongoing.
However, it�s taken a turn for the worse, as these XP Antivirus pages are pushing exploits to install malware on the users system.
URLs involved in this particular event:
bestantivirus2009 comiframe with exploits: huytegygle com/index.php <--script
There are a variety of exploits being used, including setslice and an AOL IM exploit. Unusually, an exploit framework is not being used. Fully patched systems will not be affected by these exploits.The exploit attempts to install the following malicious file: huytegygle com/bin/ file.exe.
(Obviously, don�t visit these URLs unless you know what you�re doing, or you could be an unhappy camper.)
Alex Eckelberry
No comments:
Post a Comment