Comments on Malware Intelligence Blog: Black Hole Exploits Kit. Another crimeware in addition to criminal supply

Feed updated: 2023-08-19T07:31:46.977-07:00
23 comments

Anonymous (2011-05-05T06:48:10.663-07:00):
Hi men, you have some urls? Maybe, I can help you.

Anonymous (2011-05-05T01:12:17.242-07:00):
Multiple people here in Holland got the same shit the past 4 days, is this a new breakout? I'm trying to find where it's coming from since some of our company's systems are infected too.

Anonymous (2011-04-13T03:07:12.599-07:00):
I was right. It IS a form of malware.
I recommend downloading or using a good anti-malware programme, then running 'system restore' and setting your computer back to an earlier checkpoint.
Worked like a charm for me and so far have had no more 'black hole' warnings or webpage redirections.
Best of luck getting rid of this everyone!
-A

Anonymous (2011-04-12T07:08:49.887-07:00):
I have a theory about the 'Blackhole' virus which AVG is supposedly blocking. I think that it is a form of malware posing as a respected antivirus software (In this case- AVG).
I have to admit, it's pretty convincing, but as the REAL AVG programme and website have no information about 'black holes' I can only assume it's a malware posing as AVG (Just like other

Anonymous (2011-04-07T16:57:12.460-07:00):
http://docs.google.com/viewer?a=v&q=cache:j6Y3dmcv8F4J:www.f-secure.com/weblog/archives/The_Case_of_TDL3.pdf+TDL3&hl=nl&pid=bl&srcid=ADGEESgp00PXmgHwciOM-Vq9EaPYpTfDUtF4nogSG0swx10-R3uOzeZ1a54e6tbBqEY3AgmZvHifHBjk8TO6sDPUAlzU-ivgNBs4yEplH_wKe1uk85DEwbewd6ABqQ3eoLFVT9W0rWFE&sig=AHIEtbR_K4Rt7apPxmcsSPTF71nIewaLUw

Working of the virus...

Anonymous (2011-03-31T21:20:47.370-07:00):
I had a similar condition while browsing in IE 8. AVG pro reported
"mve4.co.cc/track.php?lp=80eabe9c8dc0fbbb
Exploit Backhole Exploit Kit(type1889)
Process name: C:\Windows\System32\svchost.exe
ID:1872
Virus scan did not find anything. Adaware free found nothing.
Now one day later Windows XP will repeatedly cycle the restart but will not start even in safe mode it

Anonymous (2011-03-29T23:05:56.525-07:00):
It's people that work at Google!

Anonymous (2011-03-25T10:04:49.275-07:00):
I had AVG stop two ... M23m.in/index.php?tp
64.247.180.8/Home/in

Anonymous (2011-03-25T01:08:00.917-07:00):
Just had three of these come up myself, from "apotek-keluarga.com" - three different pages of whatever this site is. Exploit Blackhole Exploit Kit (type 1380). No idea what it was, I was on YouTube at the time.

Jonathan (2011-03-24T02:08:21.463-07:00):
24-03-11

3 things have happened in last 24 hours: - had phone call from abroad claiming to be a Microsoft approved company and trying to get me to open Teamviewer to help sort out an infection on my computer that had been detected (I didn't);
Whenever I am on Google homepage and press enter it goes to "blank page"; ran AVG, SpyBot, Malware byte - nothing found;

Anonymous (2011-03-14T04:37:17.184-07:00):
I've got it with Somud, 1889 Blackhole, and blocking and with a scan nothing.. but remains: how to get rid of it?

Anonymous (2011-03-11T03:08:30.706-07:00):
Same messages, as soon as I go start a browser my system is hijacked by local and network services that run off to seemingly random mundane consumerist pages, leaving loads of tracker cookies and clutter, pages of garbage left behind. It shows itself under the processes tab in task manager by way of a hyper svchost.exe file. Ending the process from here frees up the resources and it goes dormant

Anonymous (2011-03-09T14:26:01.215-07:00):
I just got the same thing today while in Hotmail. AVG said it was blocked, and I can't find it anywhere in my hard drive, but it also doesn't show up in the virus vault on AVG.
So, how can you find out if you're infected or not?

Anonymous (2011-03-09T12:03:35.916-07:00):
The panel access is in vfg2.co.cc/adm.php

Anonymous (2011-03-09T11:25:28.982-07:00):
OK, It just happened again. That makes the third time (I have the post above from 3/7)
I copied the AVG Threat Warning:

"Danger: AVG Active Surf-Shield has detected active threats on this page and has blocked access for your protection.
The page you are trying to access has been identified as a known exploit, phishing, or social engineering web site and therefore has

Anonymous (2011-03-07T20:51:04.773-07:00):
It's happened twice to my computer...first time a couple days ago and then again today. AVG locked up everything and blocked it. Both times I was in Hotmail. Both times it said ".....(type 1384)" But then when I clicked on "further information" and went to AVG's site I got no info. Their early suggestions on their warning didn't produce any search results. And

Anonymous (2011-03-07T18:02:07.407-07:00):
I was trying to access one of my OWN files which I have uploaded to MediaFire.com when I got this AVG message about "Exploit Blackhole Exploit Kit (1889)". I also noticed I had a pop-up in the background from My-Quickpay.com.
I suspect THIS is the culprit in my case.

Anonymous (2011-03-07T11:35:53.560-07:00):
I just got exploit black hole exploitkit (type1889) blocked too by a v g reading hotmail, what does this thing do!!!!.

Anonymous (2011-03-06T17:48:57.129-07:00):
got it on FB too...are you supposed to download a fix?

Anonymous (2011-03-06T06:48:26.760-07:00):
Just received message that my AVG blocked one of these viruses. Well done AVG, but how long will it last?

Anonymous (2011-03-05T14:09:38.138-07:00):
Well, I suggest everyone to lookout. Just got it too.

Anonymous (2011-03-03T15:15:57.609-07:00):
I am looking for that as well. My AVG just blocked the same thing .. so far all I can find is it does hijack your system and was developed in Russia. Searching on AVG U find nothing..
I'm going to FB AVG and see if I can get an answer. May I suggest that you do the same. Good luck

Anonymous (2011-02-27T09:02:10.797-07:00):
Re this Exploit Blackhole Exploit Kit (type 1889): I have had AVG AntiVirus stop two different file names: one - cvi2.co.cc/index.php?tp=AE63b0732f49eaa2 and two - fj42.co.cc/index.php?tp=993b80a2f5976635. Both were stopped on two different websites. The first one was stopped when I was downloading from "somud", the second I was reading news on a Yahoo page. A search of the files in my