Drive-by downloads, Adobe exploits and a ZeuS variant trojan that is detected by only 2 of 43 anti-virus products.
This is a good example of the current threats that website operators and end users alike should be aware of: a high-profile site gets hacked and poses a significant threat to the end user.
Once downloaded and run, the PDF files exploit a vulnerability and make the system download a version of the ever-so-popular ZeuS Trojan.
According to Trend Micro’s Rik Ferguson, the server in question is located in Germany and is hosted by Netdirect – not a stranger to hosting malicious sites.
A few hours ago, TechCrunch tweeted that they “are aware of the (annoying) malware warning about the @TCEurope site”, and that they are trying to fix it.
The awkward phrasing makes me think they thought at the time that there was some kind of mistake and not a legitimate warning. The site hasn’t been taken down in the meantime, and there is no official update on the situation. Ferguson warns that the ZeuS variant is currently detected by only 2 out of 43 anti-malware solutions used by VirusTotal, so it’s best to avoid the site altogether until they manage to clean its code.

