malware – HackerTarget.com

Malware in WordPress Themes

the admin — Wed, 01 Jun 2011 06:15:16 +0000

Found an interesting article over at OttoPress with some in depth analysis of malware discovered in a theme on a less than reputable WordPress theme site. Seems there are some dodgey sites out there that have infected themes, both free ones and ripped off professional themes. Beware and check the reputation of your themes.

It had malware inserted into it that is of a much more malicious and spammy nature. Further investigation reveals that ALL of the themes on that site contain basically the same code. This code is not actually “viral”, but it’s definitely malware and it’s worth investigating to see some of the ways people try to hide their spam.

So today, I’m going to dissect it and serve it up on a platter for everybody to see.

Anatomy of a theme malware

Other excellent posts on this topic include:
Jaypee writes on WordPress Theme Malware
Analysis of Top Google Results for Free WordPress Themes

The post Malware in WordPress Themes appeared first on HackerTarget.com.

PandaLabs 2010 Annual Report

the admin — Mon, 10 Jan 2011 22:07:51 +0000

It appears 2010 has been a cracking year for malware developers. Customised malware is a significant threat to any environment, given the fact that controls that can effectively protect against these attacks are limited and difficult to implement. Anti-virus certainly does not provide much protection against a trojan that has been customised to attack a specific organisation. FUD is a term used in malware circles and referes to "Fully Un-Detectable" by AV.

According to PandaLabs 2010 Annual Report:

"In 2010, have created and distributed one third of all viruses that exist. These means that 34% of all malware ever created has appeared -and been classified by our company- in the last twelve months." [1]

They have noticed a rise in malware distributed via popular social media like Facebook and Twitter as well as Linkedln and Fotolog. Activist attacks have been on the rise as well including coordinated DDoS against popular websites in support of Wikileaks. PandaLabs believe that most of the trends of 2010 will continue in 2011 including;

"[...] an increase in the threats to Mac users, new efforts to attack 64-bits systems and new zero-day exploits." [1]

PandaLabs 2010 Annual Report.

The post PandaLabs 2010 Annual Report appeared first on HackerTarget.com.

TechCrunch Europe hacked

the admin — Tue, 07 Sep 2010 00:59:53 +0000

Drive by downloads, adobe exploits and a zeus variant trojan that is only detected by 2 of 43 Anti-virus products.

This is a good example of current threats that website operators as well as end users should all be aware of, a high profile site gets hacked and poses a signifcant threat to the end user.

Once downloaded and run, the PDF files exploit a vulnerability and make the system download a version of the ever-so-popular ZeuS Trojan.

According to Trend Micro's Rik Ferguson, the server in question is located in Germany and is hosted by Netdirect - not a stranger to hosting malicious sites.

A few hours ago, TechCrunch tweeted that they "are aware of the (annoying) malware warning about the @TCEurope site", and that they are trying to fix it.

The awkward phrasing makes me think they thought at the time that there was some kind of mistake and not a legitimate warning. The site hasn't been taken down in the meantime, and there is no official
update on the situation.

Ferguson warns that the ZeuS variant is currently detected by only 2 out of 43 anti-malware solutions used by VirusTotal, so it's best to avoid the site altogether until they manage to clean its code.

TechCrunch Europe hacked, serving malware

The post TechCrunch Europe hacked appeared first on HackerTarget.com.