更新資訊:已修復
淡江大學網站被植入惡意連結,此惡意連結會嘗試連至其他的網站,但目前在我的測試環境中是無法連上那些網站 (hxxp://www.misofthelp.com),所以,無法順利執行惡意程式 (病毒作者應該很快就會發現,然後,修正其程式碼),不過,能不能在各位的環境中執行成功,我就不知道了,請各位暫時不要瀏覽這個網站,以免中毒,等確認他們已經修復後,會在此更新訊息。另外,此惡意程式是利用微軟所公佈的安全漏洞 (Vulnerability in Windows Animated Cursor Handling) (此為零時差攻擊)。(Credit: 飛影‧忌子)
**請幫忙通知他們,謝謝**
惡意連結是放置在首頁中的:
執行此惡意檔案後,會發生 Microsoft JScript runtime error:
此惡意檔案的內容為:
到目前為止 (2007/3/31 @ 9:42),下面的防毒軟體可以偵測到這些惡意檔案:
7888p.jpg:
[ AVG ], "Downloader.Small.58.AW"
[ BitDefender ],"Exploit.Win32.MS05-002.Gen"
[ Trend ], "TROJ_ANICMOO.AX"
[ Microsoft ], “TrojanDownloader:Win32/Anicmoo.gen!D”
[ Kaspersky ], “Trojan-Downloader.Win32.Ani.g”
[ McAfee ], “Exploit-ANIfile.c”
[ Sophos ], “Troj/Animoo-U”
[ Rising ], “Hack.Exploit.RIFF.b”
[ CAT-QuickHeal ], "Exploit.MS05-002"
[ DrWeb ],"Trojan.DownLoader.19858"
[ eTrust-Vet ], "Win32/MSA-935423!exploit"
[ F-Secure ], "Trojan-Downloader.Win32.Ani.g"
[ Sunbelt ], "Trojan-Exploit.Anicmoo.ax (v)"
[ Symantec ], "Bloodhound.Exploit.131"
9197p.jpg:
[ AVG ], "Downloader.Small.58.AW"
[ BitDefender ],"Exploit.Win32.MS05-002.Gen"
[ Trend ], "TROJ_ANICMOO.AX"
[ Microsoft ], “TrojanDownloader:Win32/Anicmoo.gen!D”
[ Kaspersky ], “Trojan-Downloader.Win32.Ani.g”
[ McAfee ], “Exploit-ANIfile.c”
[ Sophos ], “Troj/Animoo-U”
[ Rising ], “Hack.Exploit.RIFF.b”
[ CAT-QuickHeal ], "Exploit.MS05-002"
[ DrWeb ],"Trojan.DownLoader.19858"
[ eTrust-Vet ], "Win32/MSA-935423!exploit"
[ F-Secure ], "Trojan-Downloader.Win32.Ani.g"
[ Sunbelt ], "Trojan-Exploit.Anicmoo.ax (v)"
[ Symantec ], "Bloodhound.Exploit.131"
文章標籤
全站熱搜
COMMENT: 感謝您~
COMMENT: 4/1 00:17分查看, 已無惡意連結.