Malware via Legitimate Sites

Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

BleepingComputer.com > Security > Breaking Virus & Security News

Malware via Legitimate Sites, i had a hunch..

Options

jeff___H View Member Profile	Oct 28 2009, 01:46 PM Post #1
New Member Group: Members Posts: 14 Joined: 22-October 09 From: Philly Burbs Member No.: 393,305	When my machine became infected last week, I suspected that it came through a legitimate site, and that it exploited Adobe. According to the following article, it looks like my hunch was correct: http://www.wired.com/threatlevel/2009/10/gawker/

Ken-in-West-Seat... Ken-in-West-Seattle View Member Profile	Nov 7 2009, 12:58 AM Post #2
Senior Member Group: Members Posts: 389 Joined: 29-October 09 Member No.: 396,308	yep. I got hit by one back in July. Posted to a local papers comments section before they knew enough to lock it down. But it made me go through all my puters and update the reader bho's and flash blockers and all my old versions of acrobat.

jerger View Member Profile	Nov 9 2009, 02:17 PM Post #3
Member Group: Members Posts: 16 Joined: 9-November 09 Member No.: 400,513	i've been pretty lucky with prevention so far on win7 with microsoft security essentials x64... anyone know if it checks websites in addition to files when doing its lookup? might be useful for these cases -------------------- for what its worth

Nawtheasta View Member Profile	Nov 9 2009, 10:24 PM Post #4
Member Group: Members Posts: 140 Joined: 10-February 08 From: New England, USA Member No.: 189,491	I don’t exactly what just happened but about an hour ago I looked at Drudge and there was a link about a story where NASA was going to debunk the 2012 myth. Clicking this brought me to Breitbart and suddenly Adobe acrobat starts to open. This seemed weird.. McAfee alerted that NetMeeting chat wanted access to the internet , which I blocked. I closed everything but Firefox was hung up. When I would click the Firefox Icon I got a box saying Firefox was running. Closed this box with task manager. Did an MBAM scanned that turned up nothing. Did a restart. Firefox and everything else seems Ok. Could this be the Adobe vulnerability others have mentioned or was I just paranoid? Regards Nawtheasta. P.S. Where is the best safe place to go to update Adobe?? Is there a link in BP?

Ken-in-West-Seat... Ken-in-West-Seattle View Member Profile	Nov 10 2009, 09:46 AM Post #5
Senior Member Group: Members Posts: 389 Joined: 29-October 09 Member No.: 396,308	The current adobe reader has a "check for updates" in the help menu. I don't remember seeing it in older versions. Secunia vulnerability scanner pointed me to a lot of updates. http://secunia.com/vulnerability_scanning/

Nawtheasta View Member Profile	Nov 10 2009, 01:17 PM Post #6
Member Group: Members Posts: 140 Joined: 10-February 08 From: New England, USA Member No.: 189,491	Thanks Ken I found the download link here on BP ( Resources / Must have software) . Did the download last night. Still don't know if I tripped up a legitimate application and panicked because it did not look right or if I really dodged a bullet. Anyway the computer seems ok. Best Regards Nawtheasta P.S. Thanks, I will check out Secunia This post has been edited by Nawtheasta: Nov 10 2009, 01:18 PM

Stang777 View Member Profile	Nov 12 2009, 04:55 PM Post #7
Just Hoping To Help Group: Members Posts: 1,531 Joined: 30-December 08 From: Utah Member No.: 275,768	Nawtheasta, when I go to a lot of legit sites my firewall notifies me that Adobe is trying to open, so I would not worry about that one. Net Meeting trying to access the web seems more weird than Adobe opening.

Nawtheasta View Member Profile	Nov 12 2009, 10:24 PM Post #8
Member Group: Members Posts: 140 Joined: 10-February 08 From: New England, USA Member No.: 189,491	Hi Stang777 This was the first time I have noticed Adobe start to open when I clicked a link to Breitbart in Drudge. Firewall did not alert about it. It just started to open. I have never used NetMeeting so it did not really know what was going on but suspected it could be bad. I just did a Google search for Breitbart Malware. One of the results was an article from May of this year by Errata Security that mentioned a SQL injection vulnerability ( I don’t have a clue what this means) in Breitbart. The article states that this means that hackers have probably compromised this site. I always assumed that sites like Drudge would be safe but I guess you never know for sure. Best Regards Nawtheasta

« Next Oldest · Breaking Virus & Security News · Next Newest »

1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)

0 Members:

Display Mode: Standard · Switch to: Linear+ · Switch to: Outline

Track this topic · Email this topic · Print this topic · Subscribe to this forum

Lo-Fi Version

Time is now: 20th March 2010 - 09:07 PM

Advertise \| About Us \| Terms of Use \| Privacy Policy \| Contact Us \| Site Map \| Chat \| Tutorials \| Uninstall List
Discussion Forums \| The Computer Glossary \| Resources \| RSS Feeds \| Startups \| The File Database \| Virus Removal Guides