Powered by Movable Type 3.121
Home The Book Training Events Tools Stats
Web log archive.
A Dispatch

« Fake Quake Takes Cake | Main | "You look really stupid" »

June 23, 2008

Yet More Storm Quaking

The Chinese earthquake (not the real one, but a later 9.0 one that never occurred) malware lure (here and here) has revved up again, but this time with links to numeric IP addresses, rather than domain names. Although the linked sites look the same, the payload (still called beijing.exe) has apparently morphed a bit, as VirusTotal didn't recognize it as previously scanned when I passed it through for analysis. Some AV programs that caught the earlier version didn't catch this one; while others that didn't catch the first one caught this one. Total score at the moment: 10 of 33.

Posted on June 23, 2008 at 08:36 AM