http://www.avertlabs.com/research/blog/index.php/2006/11/14/w32realorworm-infecting-movies-for-fun-and-profit/ Cutting edge security research as it happens....... Mon, 15 Mar 2010 10:26:50 -0500 http://wordpress.org/?v=2.8.3 hourly 1 http://www.avertlabs.com/research/blog/index.php/2006/11/14/w32realorworm-infecting-movies-for-fun-and-profit/comment-page-1/#comment-22117 Chris Mosby at myITforum.com : McAfee Avert Labs Blog -W32/Fujacks: Panda Malware Breeders Arrested Tue, 13 Feb 2007 13:49:03 +0000 http://www.avertlabs.com/research/blog/?p=132#comment-22117 [...] Both W32/HLLP.Philis and W32/Fujacks are more than the usual file infectors. These are multi-vector threats, usually including an aggressive downloader that updates itself frequently, can infect both executable and non-executable files over insecure media such as open network shares and USB drives, thus slipping through the cracks of loosely managed IT policies. Once successful, trusted media files can be further infected with malicious code or hyperlinks through PE file infection, web-based exploits over HTML or media files targeted against unpatched and vulnerable applications. [...] [...] Both W32/HLLP.Philis and W32/Fujacks are more than the usual file infectors. These are multi-vector threats, usually including an aggressive downloader that updates itself frequently, can infect both executable and non-executable files over insecure media such as open network shares and USB drives, thus slipping through the cracks of loosely managed IT policies. Once successful, trusted media files can be further infected with malicious code or hyperlinks through PE file infection, web-based exploits over HTML or media files targeted against unpatched and vulnerable applications. [...]

]]> http://www.avertlabs.com/research/blog/index.php/2006/11/14/w32realorworm-infecting-movies-for-fun-and-profit/comment-page-1/#comment-16084 RealMedia file contains a malicious link ! » Covert.Zone Sun, 28 Jan 2007 16:17:23 +0000 http://www.avertlabs.com/research/blog/?p=132#comment-16084 [...] W32/Realor.worm - Infecting Movies for Fun and Profit [...] [...] W32/Realor.worm – Infecting Movies for Fun and Profit [...]

]]> http://www.avertlabs.com/research/blog/index.php/2006/11/14/w32realorworm-infecting-movies-for-fun-and-profit/comment-page-1/#comment-16081 大� �開講 » Blog Archive » Real Player 影音檔包含惡意連結！ Sun, 28 Jan 2007 15:53:24 +0000 http://www.avertlabs.com/research/blog/?p=132#comment-16081 [...] W32/Realor.worm - Infecting Movies for Fun and Profit [...] [...] W32/Realor.worm – Infecting Movies for Fun and Profit [...]

]]> http://www.avertlabs.com/research/blog/index.php/2006/11/14/w32realorworm-infecting-movies-for-fun-and-profit/comment-page-1/#comment-8444 corradoignoti.it » Virus inside Real Media files Sat, 23 Dec 2006 11:25:54 +0000 http://www.avertlabs.com/research/blog/?p=132#comment-8444 [...] antivirus firm McAfee warned Windows users that the company had discovered a worm actively infecting Real Media files (.rm). [...] [...] antivirus firm McAfee warned Windows users that the company had discovered a worm actively infecting Real Media files (.rm). [...]

]]> http://www.avertlabs.com/research/blog/index.php/2006/11/14/w32realorworm-infecting-movies-for-fun-and-profit/comment-page-1/#comment-6045 Computer Security Research - McAfee Avert Labs Blog Mon, 11 Dec 2006 11:06:43 +0000 http://www.avertlabs.com/research/blog/?p=132#comment-6045 [...] I previously wrote about non-executable file formats being a popular vector in recent years; this is a trend that will continue into 2007 and deserves to be given ample consideration in planning for security resources, policies and user education programs. [...] [...] I previously wrote about non-executable file formats being a popular vector in recent years; this is a trend that will continue into 2007 and deserves to be given ample consideration in planning for security resources, policies and user education programs. [...]

]]> http://www.avertlabs.com/research/blog/index.php/2006/11/14/w32realorworm-infecting-movies-for-fun-and-profit/comment-page-1/#comment-2070 MalwareTeks Blog : Malware goes to the movies Thu, 16 Nov 2006 16:19:32 +0000 http://www.avertlabs.com/research/blog/?p=132#comment-2070 [...] On Tuesday, antivirus firm McAfee warned Windows users that the company had discovered a worm, dubbed W32/Realor, actively infecting Real Media files. The infected video files do not contain an exploit for the RealOne or Real players, but a hyperlink that points to a malicious Web site. When infected files are opened, the victim is referred to the Web site, which attempts to compromise their computer using a previously patched flaw in Internet Explorer. [...] [...] On Tuesday, antivirus firm McAfee warned Windows users that the company had discovered a worm, dubbed W32/Realor, actively infecting Real Media files. The infected video files do not contain an exploit for the RealOne or Real players, but a hyperlink that points to a malicious Web site. When infected files are opened, the victim is referred to the Web site, which attempts to compromise their computer using a previously patched flaw in Internet Explorer. [...]

]]> http://www.avertlabs.com/research/blog/index.php/2006/11/14/w32realorworm-infecting-movies-for-fun-and-profit/comment-page-1/#comment-2043 Dragan’s Blog on Security » Be carefull: Malware Goes to the Movies Thu, 16 Nov 2006 11:47:50 +0000 http://www.avertlabs.com/research/blog/?p=132#comment-2043 [...] Read McAfee Avert Labs Blog post on this here. [...] [...] Read McAfee Avert Labs Blog post on this here. [...]

]]> http://www.avertlabs.com/research/blog/index.php/2006/11/14/w32realorworm-infecting-movies-for-fun-and-profit/comment-page-1/#comment-1891 Chris Mosby at myITforum.com : McAfee Avert Labs Blog - W32/Realor.worm - Infecting Movies for Fun and Profit Wed, 15 Nov 2006 14:35:19 +0000 http://www.avertlabs.com/research/blog/?p=132#comment-1891 [...] Trackback [...] [...] Trackback [...]

]]>