Filmmakers Charles and Walker Koppelman are working on a new movie
project about cybercrime. We've met with Charles and the project seems
really interesting.
The project is still underway, and now the filmmakers are looking for additional funding via crowdsourcing. Check out the current status of the project at Kickstarter. If you feel like it, you can fund part of the movie.
The project is still underway, and now the filmmakers are looking for additional funding via crowdsourcing. Check out the current status of the project at Kickstarter. If you feel like it, you can fund part of the movie.
| A Tumblr of Rogues | |
|
|
|
So where are they lurking nowadays?
They are still using the SEO-poisoning method, of course. They do need to gain some visibility after all. But in addition to the usual compromised domains, they are now happily residing in Tumblr.
The screenshot below is taken from one of the several rogue-pushing Tumblr accounts:
And well, as an Internet user, when we are presented with a video and a play button in the middle what do we do? We click it! Right? And the video will promptly play… well, not this time. That "video" is actually an image. So, that innocent click activates the malware and will take you to a page which redirects to an exploit page and finally to a rogue antivirus.
It downloads a file named YvMiN.jar, which exploits Java vulnerability CVE-2012-0507. In addition, if the browser used is not Chrome, additional files (named DoNbI.pdf and hCJkApns.pdf) are also downloaded, which then exploit vulnerabilities in Adobe Reader, specifically CVE-2008-2992, CVE-2007-5659, and CVE-2010-0188.
Successful exploitation currently leads to a rogueware called Windows Performance Adviser.
So… tip of the day… if those wonderful videos are not on a trusted domain… don't click them… but… but… just don't. ;)
Safe surfing!
No comments:
Post a Comment