
Malicious Website/Malicious Code


#1 Brandon O


Posted 23 January 2006 - 08:24 PM

Websense Security® Labs™ has received reports of a malicious website which is hosting a Trojan horse keylogger. This keylogger is designed to steal end-user information when the user accesses certain online banks and e-commerce websites.

The file name of the code is "logo.wmf." This code attempts to utilize the recent Microsoft® Windows® WMF vulnerability, assuming the user has not applied the recent Windows patch to solve this issue. The code runs, without user intervention, when the user accesses an infected website. If the code runs, it drops a file called "web.exe" onto the user's machine and runs it. This file is designed to compromise the end-users' confidential information and may also include a Trojan horse backdoor.

The site that hosts the malicious code is located in the UK and was up at the time of this alert. It is difficult to determine if the site's security has been compromised or if it was intentionally set up. The site contains little content, as it simply pulls links from the real London Olympics 2012 website.

Screenshots on the website.
ASAP member since 2006: Malware Complaints : a-squared Team

