speedtest.net spreading Security Sphere 2012

Discussion in 'malware problems & news' started by vasa1, Oct 11, 2011.

Thread Status:
Not open for further replies.
  1. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,236
    Okay! So this is how my friend picked it up!

    He phoned his ISP about slow net speed and was asked to go to speedtest.net! And today, I read this:
    Source: http://blog.armorize.com/2011/10/malvertising-lifecycle-case-study-openx.html
     
  2. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,001
    Ouch, but I guess this is the future of spreading malware, compromising legit sites.
    It's good to see that a lot of big AV players were fast on updating their definitions, most within just a few hours. So the impact will have been minimized.

    A little note on this:
    If you're using a good ad blocking subscription (e.g. Fanboy's lists) that domain is blocked. So in this case if the user was using out-dated software, the simple use of a TPL/ABP would have protected them.

    I assume it's been removed by now?
     
  3. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,236
    Yes, I managed to remove it using the instructions on the bleepingcomputer site I referenced in the other link.

    But another infection is just a matter of time because he's far from savvy and doesn't know about using IE's blocking tools :(
     
  4. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,001
    Yeah it was just a little FYI for anyone that didn't notice/know. As you know that functionality is not limited to IE (or OS for that matter), Chrome/Iron and Firefox have block lists from Fanboy too. I think Opera's is just a hide list though, not sure if that would work.

    Though I meant has speedtest.net been "cleaned" :p
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.