Archive for the 'Virus' Category

DHL Print Label – MALWARE

Tuesday, October 27th, 2009

I recently received the following email:


The courier company was not able to deliver your parcel by your address.
Cause: Error in shipping address. 

You may pickup the parcel at our post office personaly!

Please attention!
The shipping label is attached to this e-mail.
Print this label to get this package at our post office.

Please do not reply to this e-mail, it is an unmonitored mailbox.

Thank you,
DHL Global Forwarding Services.

There is a file attached, do not open or run this file as it contains malware.

ThreatExpert behavioral analysis:

Anubis behavioral analysis:

See the Web of Trust (WOT) and MalwareURL reports for mmsfoundsystem .ru, a domain to which this malware phones home, and a related domain:

– 3Monkeys

HTML/FRAMER virus alert from AVG

Friday, July 17th, 2009

I found the HTML/FRAMER virus had infected this site. It has been eradicated!

For those interested, the following code (commented for security) was inserted into the main index (index.php) by some hacker. For those of you with WordPress blogs I suggest you check you index.php file, the malicious code is inserted at the end on index.php. Other forms of the virus encode the iframe attack.

<!– <iframe src=”” width=0 height=0 style=”hidden” frameborder=0 marginheight=0 marginwidth=0 scrolling=no></iframe><iframe src=”” width=0 height=0 style=”hidden” frameborder=0 marginheight=0 marginwidth=0 scrolling=no></iframe> –>