Tag Archives: Virus Lab

WordPress and Joomla websites get hacked with fake jQuery

Hackers use the popular jQuery library to inject malicious code into websites powered by WordPress and Joomla.

JQuery is a very popular JavaScript library. The basic aim of this library is to erase the differences between implementations of JavaScript in various web browsers. If you have ever tried web coding you know how tedious it can be to make the code do the same thing in different browsers. Sometimes it is a really big challenge. In such situations, this library can be very useful.

Of course it is only a matter of time until such a well-known library gets the attention of those who want to use it for different purposes other than web coding. Fake jQuery injections have been very popular among hackers. And that brings us to one of the most popular infections of the last couple of months –  the attack that injects fake jQuery script into the head section of CML websites powered by WordPress and Joomla.

What does it look like?

jQuery hack source codeThe script is located right before the tag </head> so as a normal visitor you can’t notice anything unless you look into source code

In search of the perfect instruction

      No Comments on In search of the perfect instruction

Knowing the language of common microprocessors is essential for the work of virus analysts across the AV industry. Each program you run – clean, malicious, no matter – is actually a set of commands (called instructions) specific for particular processors. These instructions can be very simple, e.g. addition of two numbers, but we can see […]

Tiny Banker hidden in modified WinObj tool from Sysinternals

The Tiny Banker Trojan is spread by email attachments. Tiny Banker aka Tinba Trojan made a name for itself targeting banking customers worldwide. The Avast Virus Lab first analyzed the malware found in the Czech Republic reported in this blog post, Tinybanker Trojan targets banking customers. It didn’t take long for the malware to spread globally attacking customers […]

Android malware Fobus now targeting users in the U.S., Germany and Spain

Mid January we informed you of a data-stealing piece of Android malware called Fobus. Back then Fobus mainly targeted our users in Eastern Europe and Russia. Now, Fobus is also targeting our users in the USA, United Kingdom, Germany, Spain and other countries around the world. Fobus can cost its unaware victims a lot of money, because it sends […]

Programmieren Antivirensoftware-Hersteller Viren, um ihre Produkte zu verkaufen?

Frage der Woche: Warum jagen Avast und andere Antiviren-Anbieter uns Angst ein mit all den Nachrichten über Viren und gefährliche Apps? Das weckt die Vermutung, dass die Antiviren-Hersteller selbst hinter der Entwicklung neuer Schadprogramme stecken. Avast und andere seriöse Antivirenhersteller stecken natürlich nicht selbst hinter Schadprogrammen – es gibt genug davon, ohne dass unsere Entwickler […]

Malware authors go a step further to access bank accounts

Malware authors like to play hide-and-seek. Social engineering tactics and hiding executable files inside trusted PDFs and Microsoft Office documents then emailing them as attachments are nothing new, but sometimes this one layer isn’t enough. This Avast Virus Lab analysis peels back the layers of a new threat. Malware authors continually surprise us with their creativity. […]

Porn clicker app slipped into Google Play imitating popular Dubsmash app

Everyone from celebrities like Lena Dunham to Hugh Jackman are using the (currently) seventh most popular app available on Google Play: Dubsmash. Dubsmash is an app with more than 10 million Google Play installations that lets users choose a sound, record a video to go along with the sound and send their dub to their […]

Why some people would rather be right than believe a malware warning

Would you rather trust the virus experts or your instincts? Every day 140,000 people connect their USB flash drive or mobile phone to a computer, and get a warning from Avast about an infection called LNK:Jenxcus. Which kind of person are you? Many of them act on that information from their trusted Avast Antivirus security […]

Mobile Crypto-Ransomware Simplocker now on Steroids

In June 2014, we told you about mobile ransomware called Simplocker that actually encrypted files (before Simplocker, mobile ransomware only claimed to encrypt files to scare users into paying). Simplocker infected more than 20,000 unique users, locking Android devices and encrypting files located in the external storage. Then, it asked victims to pay a ransom […]

Fobus, the sneaky little thief that could

      No Comments on Fobus, the sneaky little thief that could

One small Android application shows lots of determination and persistence. Too bad it’s evil.   The year 2014 was significant with a huge rise in mobile malware. One of the families impacting our users was malware Fobus, also known as Podec. This malware poses as a more or less useful application, but for sure it […]