Author Topic: Drive-by-Update  (Read 4698 times)

0 Members and 1 Guest are viewing this topic.

April 10, 2009, 01:12:52 am
Read 4698 times

carmen

  • Newbie

  • Offline
  • *

  • 5
Blog MiPistus in speaking of an infection technique called "Drive-by-Update".

http://mipistus.blogspot.com/2009/02/drive-by-update-para-propagacion-de.html
http://mipistus.blogspot.com/2009/04/drive-by-download-y-drive-by-update.html

Does anyone know anything about this?

Thanks!


April 10, 2009, 01:31:17 am
Reply #2

sowhat-x

  • Guest
In the first blog entry that you pointed to (dated back from early February),
most of the direct links mentioned there appear to be dead currently....
Yet,I was able to grab few stuff from the ThreatExpert report that he kindly provided...namely:
Quote
hxxp://m.wuc8.com/tt.txt
hxxp://a.wuc9.com/dd/1.exe
hxxp://a.wuc9.com/dd/4.exe
hxxp://a.wuc9.com/dd/6.exe
hxxp://a.wuc9.com/dd/9.exe
hxxp://a.wuc9.com/dd/10.exe

April 10, 2009, 03:24:01 pm
Reply #3

carmen

  • Newbie

  • Offline
  • *

  • 5
Thank you very much for the information  :D, however, no end to understand how this infection technique (Drive-by-Update), and with no more information than is found in MiPistus Blog.

Any comments?

Thanks again  :)

April 10, 2009, 03:34:46 pm
Reply #4

sowhat-x

  • Guest
Way far better than what I could describe it by myself in english language...  :)
http://en.wikipedia.org/wiki/Drive-by_download
Most usually it takes place via unpatched browser exploits though...