The goal of this project is to make the virtual world a safer and better place without child pornography, major computer crime and RIAA.
Security Bulletins
Latest Malware Updates

Infostealer.Posteal

02/26/2015

Downloader.Busadom

02/26/2015

Trojan.Ladocosm

02/26/2015

SONAR.SuspDocRun

02/25/2015

SONAR.SuspHelpRun

02/25/2015
01/03/2015

Downloader.Chanitor

Type:  Trojan
Discovered:  03.01.2015
Updated:  03.01.2015
Affected systems:  Windows 2000, Windows 7, Windows 95, Windows 98, Windows Me, Windows NT, Windows Vista, Windows XP
AV Vendor:  Symantec

Description:

When the Trojan is executed, it creates the following files:
  • %AppData%\Windows\
  • %AppData%\Windows\winlogin.exe

The Trojan creates the following registry entry:
HKEY_CURRENT_USER\Software\Microsoft\Active Setup\Installed Components\05F16C88-71D3-42C1-BB4F-E9BAF7DB4A9E\"cfg" = "{[GUID]}SERV }[HOSTNAME]"

The Trojan creates the following registry entry so that it runs every time Windows starts:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"winlogin" = "%AppData%\Windows\winlogin.exe"

The Trojan may connect to the following domains:
  • api.ipify.org
  • ho7rcj6wucosa5bu.tor2web.org

The Trojan then downloads and executes files from a remote location.
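A triage sketch for the indicators listed above, added here as an example and not part of the original bulletin. The event record layout (`host`, `kind`, `target`) and the sample events are constructed assumptions. Because api.ipify.org is a public IP-lookup service that legitimate software also queries, it is scored as a weak signal on its own.

```python
import re
from collections import defaultdict

# %AppData% expands per user (Vista+ and XP layouts), so match on the path tail.
APPDATA = r"(?:appdata\\roaming|application data)"
GUID = r"\{?05f16c88-71d3-42c1-bb4f-e9baf7db4a9e\}?"  # braces optional (assumption)

# (event kind, regex on target, label, strong indicator?) -- values from the write-up
RULES = [
    ("file", APPDATA + r"\\windows\\winlogin\.exe$", "dropped winlogin.exe", True),
    ("reg", r"\\microsoft\\windows\\currentversion\\run\\winlogin$",
     "Run value 'winlogin'", True),
    ("reg", r"\\active setup\\installed components\\" + GUID + r"\\cfg$",
     "Active Setup 'cfg' value", True),
    ("dns", r"^ho7rcj6wucosa5bu\.tor2web\.org\.?$", "tor2web gateway lookup", True),
    ("dns", r"^api\.ipify\.org\.?$", "public-IP lookup (api.ipify.org)", False),
]

def triage(events):
    """Return {host: {"hits": [labels], "verdict": str}} for hosts with a match."""
    hits = defaultdict(list)
    strong = defaultdict(bool)
    for ev in events:
        for kind, pattern, label, is_strong in RULES:
            if ev["kind"] == kind and re.search(pattern, ev["target"], re.I):
                if label not in hits[ev["host"]]:
                    hits[ev["host"]].append(label)
                strong[ev["host"]] |= is_strong
    return {h: {"hits": labels,
                "verdict": "investigate" if strong[h] else "weak signal only"}
            for h, labels in hits.items()}

# Constructed sample telemetry (hypothetical hosts and users).
SAMPLE_EVENTS = [
    {"host": "ws-01", "kind": "file",
     "target": r"C:\Users\alice\AppData\Roaming\Windows\winlogin.exe"},
    {"host": "ws-01", "kind": "reg",
     "target": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\winlogin"},
    {"host": "ws-01", "kind": "dns", "target": "api.ipify.org"},
    {"host": "ws-02", "kind": "dns", "target": "api.ipify.org"},
    {"host": "ws-03", "kind": "file", "target": r"C:\Windows\System32\winlogon.exe"},
    {"host": "ws-04", "kind": "reg",
     "target": r"HKCU\Software\Microsoft\Active Setup\Installed Components"
               r"\05F16C88-71D3-42C1-BB4F-E9BAF7DB4A9E\cfg"},
]

if __name__ == "__main__":
    for host, result in sorted(triage(SAMPLE_EVENTS).items()):
        print(host, result["verdict"], result["hits"])
```

The legitimate `winlogon.exe` in System32 on ws-03 produces no hit, since only the `winlogin.exe` name under the per-user `Windows` folder is matched.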

    Security Advisories Database

    Remote Code Execution Vulnerability in Microsoft OpenType Font Driver

    A remote attacker can execute arbitrary code on the target system.

    07/21/2015

    SQL Injection Vulnerability in Piwigo

    An SQL injection vulnerability has been discovered in Piwigo.

    02/05/2015

    Cross-site Scripting Vulnerability in DotNetNuke

    A cross-site scripting (XSS) vulnerability has been discovered in DotNetNuke.

    02/05/2015

    Cross-site Scripting Vulnerability in Hitachi Command Suite

    A cross-site scripting vulnerability was found in Hitachi Command Suite.

    02/02/2015

    Denial of service vulnerability in FreeBSD SCTP RE_CONFIG Chunk Handling

    An attacker can perform a denial of service attack.

    01/30/2015

    Denial of service vulnerability in Apache Traffic Server HTTP TRACE Max-Forwards

    An attacker can perform a denial of service attack.

    01/30/2015

    Denial of service vulnerability in MalwareBytes Anti-Exploit "mbae.sys"

    An attacker can perform a denial of service attack.

    01/30/2015

    Denial of service vulnerability in Linux Kernel splice

    An attacker can perform a denial of service attack.

    01/29/2015

    Denial of service vulnerability in Python Pillow Module PNG Text Chunks Decompression

    An attacker can perform a denial of service attack.

    01/20/2015