☺ Summer Nights

And city Lights ☺

Showing posts with label Malware. Show all posts
Friday, October 25, 2013
Google Detected Malware On PHP.net Website




If you try to visit php.net today, the official website of the PHP scripting language, you will likely see the result shown above instead of the original website.


Chrome and Firefox are currently flagging the site as "suspicious" and warning that it contains malware that can harm your computer.







According to Google's Webmaster Tools, the script at http://static.php.net/www.php.net/userprefs.js was flagged as suspicious, and Google's Safe Browsing diagnostics for php.net do suggest that malware has been present on the site in the last 90 days:

"Of the 1513 pages we tested on the site over the past 90 days, 4 page(s) resulted in malicious software being downloaded and installed without user consent." 

"Malicious software includes 4 trojan(s). Malicious software is hosted on 4 domain(s), including cobbcountybankruptcylawyer.com/, stephaniemari.com/, northgadui.com/ . 3 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including stephaniemari.com/, northgadui.com/, satnavreviewed.co.uk/ ."

The obfuscated JavaScript "userprefs.js" inserts a hidden iframe into the webpage, which loads content from an external site known for distributing malware.
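
A site owner can check for this kind of injection by scanning a rendered DOM snapshot (the iframe is added by script, so the static HTML source will not show it) for hidden iframes that load from hosts the site does not expect. The following is an added example, not code from php.net or from the original post; the allow-list, the `injected.example` hosts and the sample markup are constructed for illustration.

```javascript
// Hosts this site is expected to frame content from (assumed allow-list).
const ALLOWED_HOSTS = new Set(['www.php.net', 'static.php.net']);

// Parse the attributes of one tag into a lower-cased name -> value map.
function parseAttrs(tag) {
  const attrs = {};
  const re = /([a-zA-Z-]+)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/g;
  let m;
  while ((m = re.exec(tag)) !== null) {
    attrs[m[1].toLowerCase()] = m[2] ?? m[3] ?? m[4];
  }
  return attrs;
}

// True when the attributes make the frame effectively invisible.
function isHidden(attrs) {
  const style = (attrs.style || '').toLowerCase().replace(/\s+/g, '');
  const tiny = (v) => v !== undefined && parseInt(v, 10) <= 1;
  return tiny(attrs.width) || tiny(attrs.height) ||
    /display:none|visibility:hidden/.test(style) ||
    /(^|;)(width|height):[01](px)?(;|$)/.test(style) ||
    /(left|top):-\d{3,}px/.test(style);
}

// Return one finding per hidden iframe whose source host is not allow-listed.
function findHiddenIframes(html, pageUrl) {
  const findings = [];
  for (const [tag] of html.matchAll(/<iframe\b[^>]*>/gi)) {
    const attrs = parseAttrs(tag);
    if (!attrs.src || !isHidden(attrs)) continue;
    let host;
    try { host = new URL(attrs.src, pageUrl).hostname; } catch { continue; }
    if (!ALLOWED_HOSTS.has(host)) findings.push({ host, src: attrs.src });
  }
  return findings;
}

// Constructed DOM snapshot: a visible same-site frame, two hidden off-site
// frames, and a hidden frame from an allow-listed host.
const SAMPLE = `
<iframe src="/manual/en/index.php" width="600" height="400"></iframe>
<iframe src="http://injected.example/x" width="1" height="1"></iframe>
<iframe src='//cdn.injected.example/y' style="position:absolute; left:-9999px"></iframe>
<iframe src="http://static.php.net/banner.html" style="display: none"></iframe>`;

console.log(findHiddenIframes(SAMPLE, 'http://www.php.net/'));
```

In a browser or headless crawler the same two checks (hidden, off-site) can be applied to `document.querySelectorAll('iframe')` after scripts have run.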




This suggests that the website may have been compromised recently. Google's Safe Browsing team will be looking into the issue, and we will update this article if we hear anything from Google or the PHP site owners.

Update (1:42 PM Thursday, October 24, 2013 GMT): It seems that the issue has been resolved by the admins and PHP.net is back as a normal, clean website after the malicious scripts were removed.

Update: After a security audit, the PHP team found that two servers had been compromised for an unknown length of time. They said that their Git repository was not compromised, and it remains in read-only mode as services are brought back up in full.

"As it's possible that the attackers may have accessed the private key of the php.net SSL certificate, we have revoked it immediately. We are in the process of getting a new certificate, and expect to restore access to php.net sites that require SSL (including bugs.php.net and wiki.php.net) in the next few hours," the blog post said.

The team concludes that JavaScript malware was served to a small percentage of php.net users from the 22nd to the 24th of October 2013. Now all affected services have been migrated to new secure servers.

Friday, October 18, 2013
First Malware ever for Firefox Mobile OS


Firefox OS is a mobile operating system based on Linux and Mozilla’s Gecko technology, whose environment is dedicated to apps created with just HTML, CSS, and JavaScript.

After almost two years of development, Mozilla officially launched its Firefox OS devices in stores a few months back, and now the first malware for the brand-new platform is available.

Shantanu Gawde, a 17-year-old independent security researcher, is going to demonstrate the very first known malware for Firefox OS at the upcoming Information Security Summit - The Ground Zero (G0S) 2013, to be held on November 7th - 10th, 2013 at The Ashok, New Delhi.

Firefox OS is different: every app in Firefox OS, including the Camera and the Dialer, is a web app, i.e. a website in the form of an app. Mozilla has developed Web APIs so that HTML5 apps can communicate with the device's hardware, and Shantanu has intentionally used the same APIs to exploit the device for malicious purposes.

Basically, there are two types of Firefox OS apps: packaged and hosted. Packaged apps are essentially a zip file containing all of an app's assets: HTML, CSS, JavaScript, images, manifest, etc.

With hosted apps, a website is the application, which means you can host the app on a publicly accessible web server, just like any other website.

His demonstration will showcase the malware app he developed using just HTML, CSS, and JavaScript, which is capable of performing many malicious tasks remotely on the device, e.g. accessing SD card data, stealing contacts, downloading and uploading files on the device, and tracking the geographical location of the user.

"The purpose of the PoC is of course to motivate developers to ensure better security on their platforms rather than providing inspiration to those with malicious intents." he told 'The Hacker News'.










The rapid growth and evolution of mobile malware is swiftly becoming a highly profitable business for cybercriminals. According to the third annual Mobile Threats Report from Juniper Networks, mobile malware threats have grown a huge 614% in the period March 2012 to March 2013.

Mobile malware is on the rise, attackers are becoming increasingly clever, and they are targeting every possible new platform. Make sure you are at Ground Zero this year to see a live threat to one of the prominent upcoming mobile operating systems.
