Archive for November, 2008

Zeus/Wsnpoem/Zbot targets

Tuesday, November 4th, 2008

I ran into an interesting Zbot sample today. I haven’t peeked at them often and I was surprised to see a big bunch of various poker sites in the configuration as stealing targets. That prompted me to do a quick search on zbots seen in the last few days and I ended up downloading the encrypted configuration files from the C&C servers that I saw were online. 22 of them active :) (more…)

Posted in General InfoSec, Malware FreakShow | 1 Comment »

MS08-067 fun started

Monday, November 3rd, 2008

Yup, took this long for someone to start properly abusing the MS08-067 vulnerability. There’s a worm now on the loose that uses the exploit. The worm component comes coupled with a kernel mode DDOS bot that’s been doing the rounds for a while now.
(more…)

Posted in General InfoSec, Malware FreakShow | No Comments »

InspectorWordpress has prevented 2 attacks.