PDA

View Full Version : sponsor link virus



G.A.
05-24-2013, 07:55 AM
i just clicked on the link up top right on page for the delux wall tent gys..my antivirus just stopped a bug from hitting my system.

its called an: exploit blackhole exploit kit( type2602
object name: sarafan.home.pl/counter.php


The Blackhole exploit kit is currently the most prevalent web threat, where 28% of all web threats detected by sophos and 91% by avg are due to this exploit kit. Its purpose is to deliver a malicious payload to a victim's computer.The supposedly Russian creators use the names "HodLuM" and "Paunch".



The customer licenses the Blackhole exploit kit from the authors and specifies various options to customize the kit.
A potential victim loads a compromised web page or opens a malicious link in a spammed email.
The compromised web page or malicious link in the spammed email sends the user to a Blackhole exploit kit server's landing page.
This landing page contains obfuscated JavaScript (http://en.wikipedia.org/wiki/JavaScript) that determines what is on the victim's computers and loads all exploits to which this computer is vulnerable and sometimes a Java (http://en.wikipedia.org/wiki/Java) applet (http://en.wikipedia.org/wiki/Applet) tag that loads a Java Trojan horse.
If there is an exploit that is usable, the exploit loads and executes a payload on the victim's computer and informs the Blackhole exploit kit server which exploit was used to load the payload.

The Hermit
05-26-2013, 05:53 PM
Crikey! Are you using a Mac or PC?

G.A.
05-27-2013, 12:21 PM
Both. Virus isnt on my end to matter. Obviously someone doesnt care if we get hit

Hodaka
05-29-2013, 10:06 PM
Not a virus.
Your Mac is 100% safe, your Windoze is probably safe because your antivirus picked it up. Also, if you are on top of software/OS updates in Windoze, most likely safe even if antivirus did not block it.
Many sites that are hosting this malware are not even aware of it. Contact site admin to let them know.

Marc
05-29-2013, 10:49 PM
It's been cleared up. Talked with the owner of the site and he got rid of the virus. Let me know if it still pops up on your anti virus but it should be taken care of.

G.A.
05-30-2013, 07:07 AM
yes i know wasnt actual virus..just the general term. thats why i posted what the techy is on it.
ya i know my stuff is safe there hodaka, was just a heads up for others.

G.A.
05-30-2013, 07:09 AM
and i dont see thier banner add anymore to chek it out..refreshed page multiple times to get the diff banners to show and went through them all 2x and no more wall tent banner shows