New Dorifel-variant downloading the zero access rootkit not detected:
https://www.virustotal.com/file/6d32a06be42f9c9b09038279d5121c8f9edd3fc3d5c670f3691d20d92dcddbff/analysis/1348728915/#additional-info
Time for TDSS killer investigations from our malware removal experts; the zero access rootkit to perform clickfraud is a mighty nasty threat at the moment, going under the av radar. The new Dorifel variants seem to be more aggressive than the former...
Malware produces a new unique hash, making it harder to detect. This domain was registered:
https://forum.perfect-privacy.com/member.php/?u=4578
The ransom hijacker uses a picture of Mohamed Ali, formerly known as Cassius Clay. A special Dorifel decrypter should be used for the encrypted documents:
http://www.surfright.nl/nl/support/dorifel-decrypter. Information from SurfRight, and kudos go to Mark Loman and Fabian Wosar...
polonus
P.S. Regarding Perfect Privacy Forum, like to add the following security information:
web bug detector gives a webbug on that very page:
https://forum.perfect-privacy.com/member.php/cron.php?s=073e2639f73d26cb026449410960b785&rand=1351336814 so that is not very encouraging for establishing the right privacy circumstances,
and makes the site vulnerable to attacks, see:
http://drupal.org/node/1080486 (link article author Drew Mathers).
It should be protected from the webserver layer.
Executing code on your webserver from remote is always a security risk.
cron.php only runs once, so the risk is not that extreme,
but users of Drupal should be aware to not give access.
Renaming cron.php is no option, because it is security through obscurity.
Private cache control is alerted for not following best practice; no secure attribute for cookie bb sessionhash.
Settings not secure for:
x-content-type-options N/A
x-xss-protection N/A
x-frame-options N/A
x-content-security-policy N/A
strict-transport-security N/A
Check this yourself using the Recx Security Analyzer extension on that page.
Privacy rating does not go further than a meagre 70,
Damian
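
An added example, not part of the original post: a small Python check for the response headers and the cookie Secure attribute that the post lists, run on a constructed sample response. The header names come from the post; the `Content-Security-Policy` alias, the sample response and its cookie names are assumptions made for illustration.

```python
from http.cookies import SimpleCookie

# Headers the post reports as N/A. Content-Security-Policy is the current
# standard name for the older X-Content-Security-Policy (alias is an assumption).
EXPECTED = ["x-content-type-options", "x-xss-protection", "x-frame-options",
            "x-content-security-policy", "strict-transport-security"]
ALIASES = {"x-content-security-policy": ["content-security-policy"]}

# Constructed sample response (not captured from the site in the post).
SAMPLE = (
    "HTTP/1.1 200 OK\r\n"
    "Cache-Control: private\r\n"
    "Set-Cookie: sessionhash=0123abcd; path=/; HttpOnly\r\n"
    "Set-Cookie: lastvisit=1351336814; path=/; Secure\r\n"
    "X-Frame-Options: SAMEORIGIN\r\n"
    "\r\n"
)

def parse_headers(raw):
    # Return (lowercased name, value) pairs; repeated headers are kept.
    pairs = []
    for line in raw.split("\r\n")[1:]:      # skip the status line
        if not line:                        # blank line ends the header block
            break
        name, _, value = line.partition(":")
        pairs.append((name.strip().lower(), value.strip()))
    return pairs

def audit(raw):
    pairs = parse_headers(raw)
    present = {name for name, _ in pairs}
    missing = [h for h in EXPECTED
               if h not in present
               and not any(a in present for a in ALIASES.get(h, []))]
    insecure = []
    for name, value in pairs:
        if name != "set-cookie":
            continue
        jar = SimpleCookie()
        jar.load(value)
        # A cookie without Secure can be sent over plain HTTP.
        insecure += [key for key, morsel in jar.items() if not morsel["secure"]]
    cache = [value for name, value in pairs if name == "cache-control"]
    return {"missing_headers": missing,
            "cookies_without_secure": insecure,
            "cache_control": cache}

if __name__ == "__main__":
    print(audit(SAMPLE))
```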