HackDig : Dig high-quality web security articles for hacker

Dubious downloads: How to check if a website and its files are malicious

A significant amount of malware infections and potentially unwanted program (PUP) irritants are the result of downloads from unreliable sources. There are a multitude of websites that specialize in distributing malicious payloads by offering them up as something legitimate or by bundling the desired installer with additional programs. In November 2019, w
Publish At:2020-01-07 16:50 | Read:347 | Comments:0 | Tags:How-tos certificate checksum download padlock scan trusted

Avoid: “I just hacked my friend’s account” Twitter spam

We’re seeing references to a website which claims to let visitors hack Twitter feeds of their choosing. It is, of course, all highly technical and they can’t possibly reveal the secrets of how they do it – it just works. Honest. The site in question is hacktwitterpassword(dot)com I just hacked my friends account with this website wow its w
Publish At:2016-04-04 14:55 | Read:3195 | Comments:0 | Tags:Cybercrime Social engineering download hack hacking password

“INTUIT Security Warning” Emails Lead to Fake Browser Update Malware

Users of popular accounting software Quickbooks should keep an eye out for this fake “Intuit Security Warning” themed email currently in circulation, encouraging you to update your browser with a zipped download. The email reads as follows: INTUIT Security Warning As of November 5th, 2015, we will be updating the browsers we support. We encou
Publish At:2015-12-02 22:45 | Read:6630 | Comments:0 | Tags:Security Threat browser download email malware spam

Imitation MSI Tournament Site Offers Up “Anticheat” Download

MSI are an extremely well-known manufacturer of all sorts of tech devices, with a particular flair for high spec gaming laptops. In fact, they tend to be used as bait in a lot of online scams, especially where competitions, drivers and VoIP are concerned. We recently came across a site located at msi-games(dot)com which has since been taken offline, and seem
Publish At:2015-11-03 15:00 | Read:5933 | Comments:0 | Tags:Online Security download gaming MSI software

MGS V: The Phantom Game Downloader

I’m not sure what I like more about the below site promising hacks related to Metal Gear Solid V – the promo splash of old timey Solid Snake (who isn’t actually the protagonist of the new game, instead featuring in the fourth iteration of the series from 2008), or the fact that specifications for the game are low, according to “Namibi
Publish At:2015-09-07 19:20 | Read:4576 | Comments:0 | Tags:Online Security download metal gear solid mgsv surveys train

Outbrowse and other bundlers

Author’s Note: We at Malwarebytes continue to do our part in educating our product users and constant blog readers about day-to-day online threats and how they can avoid falling prey to them. “PUP Friday”, our latest attempt at getting users acquainted with files they may need to watch out for in the Wild Web, offers an in-depth look at some interesting and
Publish At:2015-08-15 08:10 | Read:3547 | Comments:0 | Tags:Security Threat bundler download Pieter Arntz PUP PUP Friday

“See who visits your Twitter Profile” Spam: Blink and you’ll miss it

Maybe this spambot was watching Blade Runner and took note of that whole “burning twice as bright” thing, because the Bot’s brief lifespan was punctuated by a handful of high volume retweets claiming to reveal who had viewed your Twitter profile. Here’s one we saw – note the retweet tally. Check who visits your Twitter profile
Publish At:2015-03-11 18:05 | Read:4301 | Comments:0 | Tags:Privacy app bot download spam twitter

Manage and read your ebooks on Linux with Calibre

Reading books is still one of the most preferred activities by a lot of people, but with ebooks things became even easier. However, if you are an avid reader you do want to make sure that your books are organized efficiently, so this is where the importance of Calibre comes into play. This application has been created with the main purpose of keeping your bo
Publish At:2015-03-10 14:20 | Read:3180 | Comments:0 | Tags:Articles calibre convert download ebooks file floss gnu/Linu

HanJuan EK fires third Flash Player 0day

A new Adobe Flash zero-day, the third one this year so far, has been found in the wild via drive-by download attacks, according to firm TrendMicro. According to our telemetry, Malwarebytes Anti-Exploit has been blocking this zero-day since around December 9th, 2014. 2014-12-09 13:02:26: fjs.hevpazana.org/mhdj.swf Adobe released a security advisory and assign
Publish At:2015-02-04 06:25 | Read:4089 | Comments:0 | Tags:Exploits download drive-by exploit Malwarebytes

Tech Support website infects your computer before you even dial in

If you ever need help with your computer you may be interested in remote tech support. As we have written many times on this blog before, the road to finding a legitimate company is very treacherous. Many websites that are promoted via ads on search engines or pop ups often turn out to be impostors or crooks and it doesn’t matter whether they are overs
Publish At:2014-11-06 22:55 | Read:3778 | Comments:0 | Tags:Exploits Fraud/Scam Alert download drive-by exploit fake tec

Fileless Infections from Exploit Kit: An Overview

The exploit kit landscape is constantly changing and forcing security researchers to up their game. There was a time when payloads were not even encrypted and web servers actually not lying. Unique patterns, packets that match the size of binaries on disk, all make things easier for the good guys to detect and block malicious activity. But the reality is thi
Publish At:2014-09-27 01:00 | Read:3912 | Comments:0 | Tags:Exploits download drive-by exploit Malwarebytes

Imitation Softpedia Site Offers Up A PUP

You may well be familiar with Softpedia, which is a huge library of downloadable software and breaking news stories. We recently noticed a Softpedia mention on a Facebook post, except something didn’t look quite right with the URL: The URL in question is s0ftpedia(dot)pw and they’ve replaced the letter “o” with a zero (just in case i
Publish At:2014-09-26 04:00 | Read:3431 | Comments:0 | Tags:Online Security download install PUP softpedia

Convincing YouTube look-alike fires RIG Exploit Kit

The lure of salacious videos is often used to trick people into downloading and running malware. As you will see in this example, the bad guys went through enough trouble to make the page look real, from picking a similar URL to creating a convincing error message. The bait Note the URL which is bound to fool many people: hzzzp://www15.youtube.com.silssl.co
Publish At:2014-09-03 00:16 | Read:4486 | Comments:0 | Tags:Exploits download drive-by exploit youtube

Sub-domain on SourceForge redirects to Flash Pack Exploit Kit

We have talked about SourceForge before on this blog, in particular when they were associated with bundled software. This time around, we are going to take a look at an infected sub-domain hosted on SourceForge responsible for a drive-by download attack. Redirection overview The first redirection is located within a JavaScript file: hxxp://ydoqux.sourceforg
Publish At:2014-08-26 02:20 | Read:3860 | Comments:0 | Tags:Exploits download drive-by exploit vulnerability

Free – good or bad?

It’s always nice to get something for free. Or is it? There are really some free lunches on the net. But what appears to be free can have a hidden price, which often is paid by other means than money. Internet did for a long time lack payment models and everything on the net was truly free. This was fine on a net that was an academic tool and playground for
Publish At:2014-08-15 08:50 | Read:4921 | Comments:0 | Tags:Online Threats Privacy Security Uncategorized Web download f

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud