Linked by Thom Holwerda on Mon 26th Sep 2011 22:25 UTC, submitted by HAL2001
Privacy, Security, Encryption Well, this is embarrassing. has been hacked (fixed by now), and was turned into a platform serving malware to unsuspecting visitors. The criminals did this by injecting a script which redirected visitors to a website which uses the BlackHole exploit pack, which probes the browser used and serves up an appropriate exploit. Computer security blogger Brian Krebs saw root access to being offered for $3000 only a few days ago.
Thread beginning with comment 490877
To read all comments associated with this story, please click here.
Comment by metalf8801
by metalf8801 on Tue 27th Sep 2011 05:56 UTC
Member since:

Its interesting that ClamAV was one of the first four security software packages that could detect this piece of malware

Reply Score: 3

RE: Comment by metalf8801
by manjabes on Tue 27th Sep 2011 09:11 in reply to "Comment by metalf8801"
manjabes Member since:

If you look at the VirusTotal report carefully, you'll notice that none of the security programs actually "caught" the hack. 4 of 44 simply labeled it as "suspicious" which in regular-user terms means "false-positive".

Reply Parent Score: 1

RE[2]: Comment by metalf8801
by Gullible Jones on Tue 27th Sep 2011 13:03 in reply to "RE: Comment by metalf8801"
Gullible Jones Member since:

Sadly this is starting to look like the normal state of affairs. There seem to be whole categories of malware, e.g. fake antivirus trojans, that most AVs just don't detect.

Furthermore, "realtime" antivirus protection is often a joke in my experience. I've seen computers get infected straight through it with big-name antiviruses like Norton and McAfee.

I figure this is the reason Microsoft decided to implement UAC... Which would probably be quite effective, if everyone and their sister didn't turn it off!

Reply Parent Score: 3