Monthly Archives: November 2012

New Exploit Pack Spotted

Another new exploit pack has been found in the wild. This pack uses two interesting methods to obfuscate its contents. Both methods aren’t brand new but interesting nonetheless. Let’s have a closer look… Here’s the infection chain: tmkgm.lflinkup.com/main.php alpkfbtgy.lflinkup.com/3227fyw/024776ygcgd.asp?1 alpkfbtgy.lflinkup.com/06592657829ja/qrsop326821?1 … Continue reading

Posted in Exploit Packs, Malscript | Tagged , | 1 Comment

Exploit Packs and the Secret Decoder Ring

If you’ve ever analyzed an exploit pack, you will often see a string of strange characters as parameters to a Java applet. You might have even noticed a certain pattern suggesting that this isn’t random characters. Here’s what I’m talking … Continue reading

Posted in Exploit Packs, Tools | Tagged , , , , | Leave a comment

KaiXin Exploit and Tool Update

Just a quick follow-up of an in-depth article from Denis Laskov which you can read here. Denis kindly provided me with the pack and I noticed that this strange text file was getting downloaded: This sort of looks like an … Continue reading

Posted in Exploit Packs, Tools | Tagged , , | Leave a comment

Not A Very Nice Pack

Someone just rigged an unsubscribe page with a Nice Pack drive-by! How cruel is that?! At least this gives us another reason not to click on links in email, even if it is to opt-out. Here’s the unsubscribe page: And … Continue reading

Posted in Exploit Packs, Malscript | Tagged , , , | 1 Comment