Discussion in 'malware problems & news' started by ronjor, Dec 23, 2011.
I checked out the site in Opera, and a Fraud Warning popped up:
Using IE8, no exploit is triggered, and there is no longer an i-frame in the code, so it apparently has been cleaned up.
The blog title includes "site serving java exploit."
And the first paragraph states,
But the second paragraph has,
So, which site serves up the java exploit/malware?
This brings up an old complaint of mine. Years ago, "serving up an exploit" referred to a server compromised to load the malware directly. This could be done by compromised FTP, or by an insider placing the malware on the server, the latter being fairly common at universities and colleges in years past.
Now, this phrase includes any code compromise, such as SQL injection or [in this case] i-frame, which redirects to a site that actually serves up the malware payload.
I wish for the former distinction - it's clearer in its analysis, and keeps things tidy!
Sorry for going slightly off-topic but just wondering why I get this when trying to go to ronjor's link
This just looks like a parsing error from I assume Opera. The site you are connected to is indeed https://krebsonsecurity.com and the certificate is a valid SSL Server Certificate.
IE9 displays an error as well...
Could it be because the content of the website isn't fully secured? I get a red padlock when visiting it, because it includes content in http.
No I don't think so. In my case the first warning I get is "Only secure content is displayed". The certificate error warning is another, different warning. The site is a mix of secured and unsecured content, thus the first warning, but the certificate warning is covered by a different policy check.
I think you are correct.
Looking at the krebs site in IE8 I get several messages:
If I click Yes to display only secured stuff, then I get the certificate error:
If I allow, secured content is displayed. Missing are the RSS feed subscribe message, and many images, including this one:
Reloading the page in IE8, if I select to view all content, then everything including the images loads.
Separate names with a comma.