Monthly Archives: May 2011

Hidden Malicious Redirector

Normally when you visit a webpage that’s been compromised, you can find the malicious redirect link (e.g. iframe, Javascript) by viewing the HTML source code. On this particular website, the malicious redirect link only appears when the webpage is saved … Continue reading

Posted in Malscript | Tagged , , , , | 4 Comments

Meta(sploit) Pack

Some time ago, the Open Source Exploit Pack was released on some hacker forums. As the name implies, the author has intended for this to be open source and improved by others. Well, someone recently modified this pack and got … Continue reading

Posted in Exploit Packs, Malscript | Tagged , , , , , , , | Leave a comment

Flash Used in Idol Malvertisement

As the American Idol finale approaches, millions of people are keeping an eye on the results. So what better time to launch a new malvertisement campaign! This one can be found on a popular idol fan page. If you visit … Continue reading

Posted in Malscript | Tagged , , , | 1 Comment

Deobfuscating the Facebook Spam Script

The latest Facebook spam Javascript code was sent to me. Apparently there are two versions, one was obfuscated while the other wasn’t. Lucky me, I get the obfuscated one! My first thought was “wow, nice obfuscation but should be easy … Continue reading

Posted in Malscript | Tagged , , , , | 10 Comments

Amusing UPS/Fedex Malicious Email

Yesterday I received this UPS email with a malicious zipped attachment. A couple hours later, I get another one. This one had Fedex content but the “from” and “subject” lines were still showing “UPS”. Another two or so hours pass … Continue reading

Posted in Malicious Email | Tagged , , | Leave a comment