Mangaung website hacked, serving malware

Just another reason to use Google Chrome, instead of the other browsers.
 
Just another reason to use Google Chrome, instead of the other browsers.

Lol, using Chrome does not mean anything. hehe. At all.

The fact that people can detect this virus means its pretty out dated. In the virus world two weeks is outdated.
 
List of antiviruses detecting the virus

The fact that people can detect this virus means its pretty out dated. In the virus world two weeks is outdated.

What's interesting is if you go and read up about the viruses those AVs detect from the guys who actually have an entry in their public database about it, the behaviour of this malware doesn't always match up with what they have.

The closest they get from what I can see is "Trojan: displays generic trojan characteristics."

That said, the important thing is that they detect it, of course.
 
What's interesting is if you go and read up about the viruses those AVs detect from the guys who actually have an entry in their public database about it, the behaviour of this malware doesn't always match up with what they have.

The closest they get from what I can see is "Trojan: displays generic trojan characteristics."

That said, the important thing is that they detect it, of course.

Thats cause its crypted. When I crypt something on my side I get the exact same results. The AV knows its been crypted, but because its crypted doesnt know what it is.

Say I get a bitcoin miner, and put it through a virustotal scan. It says bitcoin.miner in about 80% of them. If I crypt the stub and then put it through virustotal.com it comes up on perhaps 3 of the virustotal checks with that generic.trojan or generic.injection.

Crypting services are pretty cheap. $45 for 3 months. Its a monthly subscription thing because they have to keep changing their code. Your encrypted stuff will only be FUD for about a week.
 
Last edited:
So how would this infect someone who visits the website?
Does it automatically download and execute, or do I get asked if I wish to run/save the file?

EDIT: Nevermind, website wasn't loading pics, now I see it.
 
Last edited:
lol,still doing it today (trying to download it to my ubuntu machine).
 
a Windows executable is automatically downloaded to your computer when you visit the website of the Mangaung municipality.

Wonderful name for a municipality.
What reason would there be to visit their website ?
 
Top
Sign up to the MyBroadband newsletter