malware

Programmatic Link Scanning

I'm looking for a programmatic link scanning solution. There are lots of home use software packages that will scan urls on a search results page and verify that those sites don't have malware on them, but I'm looking for a piece of software that you can do this programmatically. I want to be able to feed the code a url, have it do a remo...

What are good programming practices to prevent malware in standalone applications?

Does anyone have any thoughts on how to prevent malware attacks on standalone applications. Let's say this is a program on a Windows machine connected to the internet, this is the most common scenario. I'm also wondering what type of attacks are possible. I believe .NET will do some type of static check on the code before it runs it, ...

Is it more secure to store using a database or a file?

This question is from a decomposition of http://stackoverflow.com/questions/678471/what-are-good-programming-practices-to-prevent-malware-in-standalone-applications The question has to do with malware dynamically getting into a program by infecting data files which the program reads/writes. Is it safer to require data be stored in a...

Strange elements appearing in javascript rich text editors

There's been a rash of strange HTML form elements showing up in javascript-based rich text editors all around the web. The first evidence I can find of this is in the joomla forums a little under a month ago. Since then there have also been reports from drupal users and wordpress users, and there's now evidence of this all over the web...

Url filtering

I'm looking for way to verify whether a site is categorized in any url filtering databases. Does somebody know such database with free API? ...

how to get rid of b9g.ru iframe injected on to a website

I have done a website whose URL is http://www.netbramha.com Unfortunately after the end of each page, i have the following piece getting added <iframe src="" width=186 height=182 style="visibility: hidden"></iframe> The src is from b9g.ru. I have gone through all the required files and none of them have these and there in no entry o...

What this mean? .. can you help ???

My site got harmed by this site " spywarepc.info " ..don't even know what is this ? My site has been blocked by google ..? please help me out from this ..is it a malware ? ..if that how will i recover it ? ...

google chrome consider your site as malware

Hi, I just discovered that one of my site was considered by Chrome as a malware. Here's what is Google Chrome is showing: The website at ___ contains elements from the site ___, which appears to host malware – software that can hurt your computer or otherwise operate without your consent. Just visiting a site that contains malware ...

Can anyone de-obfuscate this exploit?

I came across the following exploit due to a warning from my AV software. It originated from an adserver delivering banner ads on one of my sites. I have retrieved the content with Wget and copied to pastebin. http://pastebin.com/m6fa38fac [Warning: Link may contain malware - Do not visit from vulnerable PC.] Please note that you have...

How Big a Security Risk are Browser Extensions?

One of the more powerful features of modern day browsers is the ability for software developers to write browser extensions to enhance, modify and tweak the pages visited by the user. As more of our lives migrate onto the browser, aren't we potentially exposing ourselves to a massive privacy and security holes created by the installatio...

Hash-database of malware and such?

Is there any free database of hashes of malware? I'd like to get a real database of those hashes, so is there any place where this is possible to collect data? I've found http://www.team-cymru.org/Services/MHR/, but they don't offer a real database, only API access.. If not, do you have any idea how to collect it on "my own"? ...

How does this mess work?

My Joomla! website has been repeatedly hacked into. Someone, somehow, managed to inject the following rubbish into the key php scripts, but I mean not to talk about configuring Joomla. The site is not visited much (at times I fear I might be the only visitor to that site...) and I don't care much to have the site back up and running. I'l...

My Application's Auto-update utility is triggering Anti-Virus

I've created an auto-updating application which is distributed to 100s of users. The auto-update utility is being flagged by 55% of antiviruses on virustotal ( link ). My application was created in Delphi 7. Most of the flags are saying that this is Generic trojan/malware, obviously the software isn't actually malware (I'm the only one...

how to get the google list of dangerous sites

Hello, I need to check the url against Google list of dangerous sites, how I do that for windows application ? I will use Delphi. thanks ...

How to approach whitelisting an app/exe

We have an application that auto-installs upgrades of itself on our customers' (Windows OS/PCs) computers. It is lightweight (650K) and does a very specific task for our customers in helping us collect data for them as part of our overall service to our customers. It first checks our website to see if a newer version of the app exists an...

How to remove JS:Illredir-S [Trj] (virus) from website ?

My website www.edesimusic.net and www.juraatmedia.com is infected with JS:Illredir-S [Trj] malware. My site keep on getting infected with some redirects or js scripts or iframe script, after cleaning them I change my passwords and it comes again after few days. Can anyone tell me how to protect my websites properly and how to remove thi...

All PHP files getting hacked

Hey All, Like always, just want to say thank you for all of the help and input in advance. I have a particular site that I am the web developer for and am running into a unique problem. It seems that somehow something is getting into every single PHP file on my site and adding some malware code. I have deleted the code from every page ...

what does this attempted trojan horse code do?

It looks like this just sends a ping, but whats the point of that when you can just use ping? /* WARNING: this is someone's attempt at writing a malware trojan. Do not compile and *definitely* don't install. I added an exit as the first line to avoid mishaps - msw */ int main (int argc, char *argv[]) { exit(1); unsigned in...

Malware on a client's website - Ideas?

We recently got a call from one of our clients, complaining that their site has some "strange looking code" at the bottom of the page. We checked out the source code, and discovered that about 800 bytes of malicious javascript code had been appended to the templates/master file, after the </html> tag. I won't post said code because it lo...

regex question for removal of javascript malware

Been hit with some nasty javascript malware on my site. I know that each offending code block starts with the following: <script language=javascript><!-- (function() and ends with </script> I'd like to remove the nasty bits via regex on windows, using some sort of freeware regex replacement tool. Any suggestions here? Thank Yo...