Monthly Archives: September 2011

ZeroAccess malware served via Google Alerts

Now, this story is crazy. Because I am a subscriber to the Google Alerts service (among the keywords are trojan and virus), this evening I received an email from Google Alerts looking like this:

Under the Web section you can see this URL:

http://www.google.com/url?sa=X&q=http://wcbi.com/photos/img/free-download-anti-virus-trojan.php&ct=ga&cad=CAcQAhgAIAEoBDACOABArYfZ8wRIAVgAYgVlbi1VUw&cd=lbdH6A8 Qsxo&usg=AFQjCNG25qrHqtnmCKmhjW5UVTmn4X-xIw

which is intended to redirect to:

http://wcbi.com/photos/img/free-download-anti-virus-trojan.php

But instead of the expected redirection, a malicious one takes place and users are redirected to a fake Megaupload website with this URL:

http://download-upload2.com/index.php?key=anti%20virus%20trojan

Here an executable file is offered for download with the name 2_setup.exe, MD5: 26FF3373E2CB859DBE18E393797EB9B4 and size 231KB. It’s enough to submit this file to virustotal.com to understand what …


Posted in Thoughts.

BIOS-MBR-Windows (BMW) or Mebromi, a new virus targeting the computer BIOS

A new virus targeting the computer BIOS was discovered by the Chinese security company 360 Safety Center, and it was reported that several thousand computers in the Chinese space were already infected. The BMW virus attacks computers running 32-bit systems and containing Award BIOS, and it tries to infect users by posing as a well-known game plug-in offered by malicious websites. The infection strategy is to trick visitors into first turning off their antivirus software, supposedly to avoid a possible conflict with the plug-in installation, and then installing the plug-in. This is not the first attack against Award BIOS; the first attempts were made in 2007 with …


Posted in Thoughts.