Wednesday, September 19, 2007

Blogger\Blogspot Malware: Reloaded

I got two links yesterday from Chuck, of The Real Blogger Status, and boy oh boy, they sure did not disappoint.

After clicking a single link, each leading to an .hk (Hong Kong) domain, and sitting there a few minutes while IM'ing Chuck, things started to happen and happen fast.

First hint was Process Explorer activity. I noticed in my task tray it began to get jumpy and was figuring I'd see the same as last time. But no, this was not the same... this would turn out to be much worse.

The activity got so crazy I was expecting the machine to freeze up, but it didn't. It maintained a balance of activity with files loading and deleting themselves for at least 45 minutes. In that time I got Drive Cleaner installed as well as a few rootkits.
