PDA

View Full Version : Cunning little malicious website



The Error Guy
16-03-2011, 07:50 PM
Looking for infor regarding a san disk cruzer drive when chrome popped up an error re security and began running a "scan". for the 1st 1\5 secs I was completely fooled. It looked largely legit. I was thinking chrome is far to smart for itself, now it can do virus scans? Then I checked the URL, which wasn't something like Chrome://scans

Just tested on IE 8, looks like this thing is a very smart cookie. I must admit chrome was a much more believable interface but it custom tailors the web page to your OS and browser version.

I'd say this probably has some solid code for doing some nasty stuff.

here's the URL (use at extreme own risk i'd say)
http://scan67.husireadd.co.cc/index.php?Q2nhtNRxbWNGRnrgMxJFASwGE4/4KzfMoX3yrge3pEHV6C8whN8pm1HSq3XgsVpRsO+l9CkGHF4wQ 5tdoFzMGETkZfzJve1JKYQCS0Qf
If someone can report this to "the internet" :p or googles malicious site folks that would be good. unfortunately i'm a bit busy to be hunting them down atm

EDIT, seems both the top links from the google search contain the malicious code (http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=San+disk+cruzer+fails+to+intiailise) Must be using bots to push up the search rankings. Very cunning since google is pretty tight re bots + ranks

wainuitech
16-03-2011, 09:15 PM
Give Chill a PM, hes after infected sites to do some testing of AV's - may be of interest.

fred_fish
16-03-2011, 09:32 PM
Think I confused it, I just get a blank page :)

waldok
17-03-2011, 01:39 AM
I think it's possible to do everything it does in a web page (through the misuse of HTML5) so it hasn't necessarily compromised your PC. It might try to do something to your computer just by visiting but I suspect it's more likely that it will try to convince visitors to download a trojan or scamware. Might be worth having a go in a virtual machine to find out what havoc it causes.
cheers
W