Author Topic: google-analitics[dot]net directs to Phoenix exploit kit  (Read 6517 times)

0 Members and 1 Guest are viewing this topic.

March 04, 2010, 07:08:56 pm
Read 6517 times


  • Administrator
  • Hero Member

  • Offline
  • *****

  • 3335
ISC SANS reported this story today.

There is a number of ad servers which contain an iframe to
Code: [Select]
google-analitics[dot]net directs to a Phoenix exploit kit.
Code: [Select]
A second instance of the exploit kit can be found there:
Code: [Select]
Payload of Phoenix kit is Zeus.

ad urls directing to google-analitics[dot]net.
Code: [Select]
Ruining the bad guy's day