Difference between revisions of "New Chinese exploit pack"

From Botnets.fr
 
(Created page with "{{Publication |Year=2012 |Date=2012-08-02 |Editor=Kahu security blog |Link=http://www.kahusecurity.com/2012/new-chinese-exploit-pack/ |Author=Darryl, }}")
Line 1: Line 1:
{{Publication
{{Publication
|Image=
|Legend=
|Document=
|Licence=
|Video=
|Link=http://www.kahusecurity.com/2012/new-chinese-exploit-pack/ www.dahusecurity.com
|Author=Darryl,
|NomRevue=Kahu Security blog
|Date=02 août 2012
|Editor=Kahu Security
|Year=2012
|Year=2012
|ISBN=
|Date=2012-08-02
|Page=
|Editor=Kahu security blog
|Abstract=A Korean news site was recently observed distributing malware. I thought it would be an opportune time to test out my program that attempts to locate malicious scripts on a website. Here’s an excerpt from the results [...] Looking at the screenshot above from the bottom up, we see some suspicious content from an IP address. That page gets called by an infected “popupmenu.js” file. And that file gets referenced on the main news page. Good, we know now where to start looking! By the way, the “ad.html” page that gets iframed has an “entropy” value of about 68% which is rather high (see top of the screenshot). This suggests the page has obfuscated Javascript.
|Link=http://www.kahusecurity.com/2012/new-chinese-exploit-pack/
|Botnet=,
|Author=Darryl,
|Malware=,
|ExploitKit=KaiXin,
|CCProtocol=,
|Operation=,
|Keyword=,  
}}
}}
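Review bot: the `|Link=` line that carries `www.dahusecurity.com` after the article URL puts a second, differently spelled host (dahusecurity vs. kahusecurity) into a field meant for one URL; keep only `http://www.kahusecurity.com/2012/new-chinese-exploit-pack/` there. The two revisions also disagree on `|Date=` (`02 août 2012` vs. `2012-08-02`) and `|Editor=` (`Kahu Security` vs. `Kahu security blog`); settle on one form for each, with the ISO date being the unambiguous choice.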

Revision as of 22:13, 1 February 2015


New Chinese exploit pack
Date 2012 / 2012-08-02
Editor/Conference Kahu security blog
Link http://www.kahusecurity.com/2012/new-chinese-exploit-pack/ (Archive copy)
Author Darryl

Abstract

Bibtex

 @misc{2012BFR458,
   editor = {Kahu security blog},
   author = {Darryl},
   title = {New Chinese exploit pack},
   date = {02},
   month = Aug,
   year = {2012},
   howpublished = {\url{http://www.kahusecurity.com/2012/new-chinese-exploit-pack/}},
 }