|
1. Been infected with spyware? Tell us about your problem. 2. Protect your PC from viruses, spyware. 3. For fast automatic spyware removal, try CounterSpy, SUPERAntiSpyware |
Wimamp exploit used to push spyware
The Winamp vulnerability in version 5.12 was announced at Secunia just a few days ago, details here. Note the Secunia advisory says “an exploit is publicly available”. Nullsoft released Wimamp 5.13 the same day the exploit was announced, but the spyware pushers saw an opportunity to infect more machines and make more money. SunbeltBLOG posted a Winamp exploit found in the wild today. A malicious Winamp playlist file (.pls) was discovered that causes Winamp to open and subsequently download an ugly CoolWebSearch infection called HomeSearch Assistant, also dubbed Trojan/Startpage.HSA, along with ransomware anti-spyware SpySheriff. The Sunbelt post states the exploit takes place from 008k.com, IP 195.225.177.27 at Netcathosting and recommends network admins and home users to block the site. Netcathosting is one of those ISP’s known to host spyware. Sunbelt also posted a screenshot of the hijacked browser showing domain lookfor.cc (link to dnsstuff.com).
February 6, 2006 on 12:30 am | In Exploits & Vulnerabilities | |Submit to: Digg | SlashDot | Del.icio.us
No Comments yet »
RSS feed for comments on this post. TrackBack URI
Leave a comment
Previous Posts:
- How to remove new rogue antispywares Malware Bell and IE Antivirus
- How to remove softwarereferral/safewebnavigate hijackers and etlrlws toolbar
- How to uninstall combofix
- Found new rogue antispyware programs
- How to remove braviax.exe/cru629.dat/users32.dat malware
- VirusHeat rogue antispyware - How To Remove
- Fresh updates to Ad-Aware and SpyBot-search & Destroy
- How to remove core.cache.dsk and parportt.sys
- How to remove CID popups
- How To Remove cyberstoll.com, search-daily.com hijacker and WebHancer spyware
- How to remove Video Add-on and antispyware/security toolbar 7.1
- Trojan Vundo/Virtumonde turns a good file into a Trojan-Dropper
- How to make Internet Explorer more secure
- New updates to Ad-Aware and SpyBot-search & Destroy
- How to remove webcry.com hijacker
- Found first Christmas malware
- Found some new fake codecs
- Cannot View Hidden Files And Folders. How to fix
- Hijacker will not let me download anti spyware program - how to fix
- How to fix shell.exe, spoolvs.exe problem
Categories:
- Pop-Up Blockers and Firewalls (rss) (5)
- Adware (rss) (10)
- Anti Virus Software (rss) (11)
- Best Programs (rss) (3)
- Browser Hijacking (rss) (13)
- Critical patch (rss) (21)
- Exploits & Vulnerabilities (rss) (58)
- FAQ (rss) (8)
- Free Software (rss) (63)
- Identity Theft (rss) (8)
- Internet Browsers and Mail and News readers (rss) (12)
- Linux (rss) (4)
- Malware (rss) (11)
- Online Scanners (rss) (11)
- Phishing (rss) (2)
- Rogue Anti Spyware (rss) (34)
- Rookit (rss) (3)
- spyware (rss) (2)
- Spyware protection and removal (rss) (74)
- Tips (rss) (78)
- Trojan (rss) (35)
- Tutorials - "How to" (rss) (65)
- Updates (rss) (16)
- Virus (rss) (19)
- Worms (rss) (14)
Archives:
- May 2008 (1)
- April 2008 (1)
- March 2008 (4)
- February 2008 (3)
- January 2008 (2)
- December 2007 (7)
- November 2007 (27)
- October 2007 (4)
- July 2007 (2)
- June 2007 (3)
- April 2007 (1)
- March 2007 (6)
- February 2007 (6)
- December 2006 (1)
- November 2006 (2)
- October 2006 (7)
- September 2006 (2)
- August 2006 (10)
- July 2006 (7)
- June 2006 (22)
- May 2006 (18)
- April 2006 (12)
- March 2006 (24)
- February 2006 (33)
- January 2006 (52)
- December 2005 (50)
- November 2005 (66)
Blogroll
- Sans Org - Internet Storm Center
- Spyware RU
- Sun Belt Blog
Help Us:
- MyAntiSpyware needs your support. Please make link from your site to us.
Use the button:
MY ANTI SPYWARE Powered by WordPress with Pool theme design by Borja Fernandez.
Entries and comments feeds.
Valid XHTML and CSS. ^Top^