China.com game site hosting malicious code

Threat Type: Malicious Web Site / Malicious Code

Websense® Security Labs™ ThreatSeeker technology has detected malicious code hosted on China.com's game site. The malware is a variant of VBS/Redlof, which is known to commonly infect files with the extensions "html", "htm", "php", "jsp", "htt", "vbs", and "asp".

This malicious download (MD5: e6df57ea75a77112e94036e5138bd063) is placed in a directory that appears to be reserved for game patch downloads. This virus attempts to spread itself by infecting all outbound emails sent by the victim with MS Outlook or Outlook Express.

[Screenshot of site]

[Screenshot of the malicious code]

More details on the Microsoft VM ActiveX component vulnerability (MS00-075)
