ABE blocked a potential malware

Discussions about the Application Boundaries Enforcer (ABE) module
Salvy
Posts: 1
Joined: Fri Sep 11, 2009 4:51 pm

ABE blocked a potential malware

Post by Salvy »

Hi, today I was visiting this site http**://www**.chilenosencalifornia**.c*om/ and got a warning from ABE saying that it filtered a request from:


ht**tp://***double.boubleba**relled.ws**/FrMal
After a bit of research I found out that piece of code is being used on exploited websites to distribute malware.

I'm curious how ABE determined it was malicious code?

PS: Thanks for your great work, Giorgio!
Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3
GµårÐïåñ
Lieutenant Colonel
Posts: 3365
Joined: Fri Mar 20, 2009 5:19 am
Location: PST - USA

Re: ABE blocked a potential malware

Post by GµårÐïåñ »

Because it attempts to make a local access to save the malware to be executed later. Since your standard ABE system ruleset denies such access to the local system, it was thwarted.
~.:[ Lï£ê ï§ å Lêmðñ åñÐ Ì Wåñ† M¥ Mðñê¥ ßå¢k ]:.~
________________ .: [ Major Mike's ] :. ________________
Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3
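
The default ABE SYSTEM rule the reply refers to (`Site LOCAL` / `Accept from LOCAL` / `Deny`) can be modelled as below. This is an added example, not part of the original posts and not NoScript's own code; the address ranges treated as LOCAL, the function names and the sample addresses are assumptions made for illustration, and the addresses are passed in already resolved.

```python
import ipaddress

# Simplified model of ABE's default SYSTEM rule (illustrative, not NoScript code):
#   Site LOCAL
#   Accept from LOCAL
#   Deny
# Assumption: LOCAL = loopback, RFC 1918, link-local and IPv6 ULA ranges.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10",
)]

def is_local(addr: str) -> bool:
    """True if addr falls in one of the ranges modelled as LOCAL."""
    ip = ipaddress.ip_address(addr)
    # Unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d) so it cannot slip past the check.
    mapped = getattr(ip, "ipv4_mapped", None)
    if mapped is not None:
        ip = mapped
    return any(ip in net for net in LOCAL_NETS)

def abe_system_rule(origin_ips, dest_ips) -> str:
    """Evaluate one request; returns 'DENY', 'ACCEPT' or 'NO_MATCH'."""
    # "Site LOCAL": the rule applies if ANY resolved destination address is
    # local, which also covers a public name that resolves to a LAN address.
    if not any(is_local(a) for a in dest_ips):
        return "NO_MATCH"
    # "Accept from LOCAL": only a fully local origin may reach local resources.
    if origin_ips and all(is_local(a) for a in origin_ips):
        return "ACCEPT"
    # "Deny": everything else aimed at a local resource is blocked.
    return "DENY"

# Constructed sample requests: (origin addresses, destination addresses)
SAMPLES = [
    (["203.0.113.10"], ["192.168.1.1"]),               # Internet page -> router
    (["192.168.1.20"], ["192.168.1.1"]),               # LAN page -> router
    (["203.0.113.10"], ["198.51.100.7"]),              # Internet -> Internet
    (["203.0.113.10"], ["198.51.100.7", "127.0.0.1"]), # mixed DNS answer
    (["203.0.113.10"], ["::ffff:127.0.0.1"]),          # mapped loopback
]

if __name__ == "__main__":
    for origin, dest in SAMPLES:
        print(origin, "->", dest, ":", abe_system_rule(origin, dest))
```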