To take full advantage of everything offered by our forum, please log in if you are already a member or join our community if you're not yet....
For Rules


The Black Örganitation

RSS feeds


Google ping
------------------------------ Submit ExpressSearch Engine Marketing ------------------------------
Free Search Engine Submission

You are not connected. Please login or register

Please wait page is loading…a webpage leads to Banker Trojan Zbot

Go down  Message [Halaman 1 dari 1]


Bitdefender security researcher come across a malicious website that
presents extreme dangers to users ,infecting systems with Zbot.

The site opens a HTML page that simply displays "Please wait page is
loading..." , a malicious JavaScript code redirects users to another
malicious java script.

[You must be registered and logged in to see this link.]
"This second JavaScript file (Trojan.JS.Redirector.YF) is called js.js
and is stored in a folder with a randomly generated name. Itappears this
malicious JS file has been planted on a multitude of servers that host
otherwise clean websites, probably as a result of FTP credentials theft.
This script has the sole purpose of redirecting the user to the exploit
page, the final stop in this redirection trip." researchers wrote in
the Malware city page.

"The second HTML page (Trojan.HTML.Downloader.Agent.NBF) the user
finally reaches embeds a Java applet (Exploit.Java.CVE-2010-0840.P) – a
front for a well-known exploit (CVE-2010-0840) which now is used to
download and install a Zbot variant (Trojan.Zbot.HTQ) on the compromised

Zbot a.k.a Zeus, ZeusBot or WSNPoem, is a banker Trojan rigged with
backdoor and server capabilities, known to collect from its victims
bank-related information, login data, history of the visited Web sites
and other sensitive details. Some versions may even snatch screenshots
of the compromised machine's desktop.

Kembali Ke Atas  Message [Halaman 1 dari 1]

Permissions in this forum:
Anda tidak dapat menjawab topik