trojan overload + + +..

Discussion in 'malware problems & news' started by Longboard, Jun 18, 2006.

Thread Status:
Not open for further replies.
  1. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,205
    Location:
    Sydney, Australia
    Just when you thought it was safe to go back in the water.

    From KMcA blog 13-6-06
    Keep that paranoia setting on high! :mad:

    Dump IE for good:
    As usual the rest is a good though alarming read.
    Even the usually irrepressable KMcA sound stressed.
    Lbd
     
    Last edited: Jun 18, 2006
  2. john2g

    john2g Registered Member

    Joined:
    Feb 10, 2002
    Posts:
    207
    Location:
    UK
    Some later info from Kevin today:

    "26,000 files, 8,000 variants and 435 new trojans in ONE WEEK"
     
  3. zopzop

    zopzop Registered Member

    Joined:
    Apr 6, 2006
    Posts:
    642
    holy xxxx! :mad:

    man sandbox/virtualization for teh win! defensewall/bufferzone/geswall/sandboxie/tiny firewall professional/deepfreeze/shadowuser(surfer)/first defense ISR/rollback rx should be the first line of defense to any truly paranoid user. many of them are totally free! see my sig :)

    i'm amazed signature based anti-malware vendors havent' been overrun yet.
     
  4. TNT

    TNT Registered Member

    Joined:
    Sep 4, 2005
    Posts:
    948
    I've sent dozens of samples to Kevin lately. His support has been excellent (almost always including the new samples whithin the next day). And I agree with his assessments, the situation these days is simply unbelievable; the number trojans that are being thrown out every day is astounding. The Zlob trojans are being produced to a rhythm that I didn't think was possible, the methods of infection become more and more complex and automated: their methods of infection, particularly when it comes to the CWS gangs, have gone from a simple html page with exploits to a method that includes complex "ever changing" javascript obfuscation routines clearly built from server-side scripts, server-side AND client-side "user agent" sniffing (with the especially crafted exploits being used as a result), constant automated "rotation" of the trojans as to make it impossible to define a single download point, social engineering and semi-social engineering tactics, a great amount of domains and an unbelievable amount of subdomains to avoid "hosts" files, etc.

    Just yesterday I found a site actively throwing exploits, trojans and *rootkits* with files that were undetected by *any* AV/AT (see http://cut-thecrap.blogspot.com/2006/06/is-av-industry-failing.html... and yes, some find them now simply because I sent the samples).
     
    Last edited: Jun 18, 2006
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.