Blog | G5 Cyber Security

How to Run a Scareware Campaign

The infection routines being used by some scareware and rogue AV gangs are more comprehensive than many current analyses have shown, experts say. An analyst at the SANS Internet Storm Center has been taking apart a malicious PHP script which the rogue AV gang is using to infect every one of the PHP scripts on all of the sites hosted on a compromised Web server. The attack relies on the insertion of a one-line addition to the beginning of each legitimate PHP script on the site, which ensures that the attacker s code is executed every time the script is called.

Source: https://threatpost.com/how-run-scareware-campaign-070110/74171/

Exit mobile version