Drive-by downloads, Adobe exploits and a ZeuS variant trojan that is detected by only 2 of 43 anti-virus products.
This is a good example of a current threat that website operators and end users alike should be aware of: a high-profile site gets hacked and poses a significant threat to the end user.
Once downloaded and run, the PDF files exploit a vulnerability and make the system download a version of the ever-so-popular ZeuS Trojan.
According to Trend Micro’s Rik Ferguson, the server in question is located in Germany and is hosted by Netdirect – not a stranger to hosting malicious sites.
A few hours ago, TechCrunch tweeted that they “are aware of the (annoying) malware warning about the @TCEurope site”, and that they are trying to fix it.
The awkward phrasing makes me think they thought at the time that there was some kind of mistake and not a legitimate warning. The site hasn’t been taken down in the meantime, and there is no official update on the situation.
Ferguson warns that the ZeuS variant is currently detected by only 2 out of 43 anti-malware solutions used by VirusTotal, so it’s best to avoid the site altogether until they manage to clean its code.