

P2P - MP3 Exploit


I have noticed a large amount of MP3 files which are the first, at least that I have heard of, which are capable of exploiting the web browser.

The MP3 will be about 3MB-6MB, imitating an actual music file.
It will show in WMP as a length of 0:01.
When you try to play it, it will state that the extension does not match the format. Windows Media Player will give you the option of continuing playback. Of course someone who wants to hear their favorite song will click Yes...

The MP3 is actually loaded with a link to a malicious website.

Afghan bombing kills President Bush as subject (watch.exe)


"We stumbled across an e-mail today with the subject line “Afghan Bombing kills President Bush.” Time after time we see social engineering used to entice unsuspecting users to infect themselves and the subject line of this e-mail is proof of that.

Here is what the e-mail looks like. The body doesn’t really make much sense but I’m sure many will just read the subject line and click on the link despite this fact."

Info: here

Cabir (Caribe.a) - Source code


Hi people, After a long time, one decent post perhaps ;)

This worm is a mobile malware, also the alias of the infamous Cabir.a

The author has originally named it Caribe.a, and this worm looks like some C/C++ code.


The source code as usual, is uploaded for you ;)

Download here

Cheers :)

Zombie attacks


Hey, I was wondering if anyone knows of some good sources concerning botnets. I am collecting and reviewing papers, research, applications, etc. which address bot detection and identifying sources of actual bots. This is for my research for college. Thanks for any help.

Samples of injection


The contents of b.js is:

Which loads and a trojan

I hope it helps

looking to make exe UNDETECTABLE..


I'm new here and was wondering whether anyone would be interested in making a few exe files undetectable by antiviruses for me; these are malware-spreading files.
I'm willing to pay for this and have to say I will be needing this service a lot and also on a regular basis.
I've been told I may be able to get a custom-made FUD cryptor, which may help do the job, but I'm unable to find someone who would like to do it.
So if you can help, please email me the price you can offer on sonalparmar5(at) and all the bits of info I'd need.
Thanks, and hope someone can help.

Apple Fixed Piggybacking Issue in Software Update

If you are using an Apple application in Windows, I'm pretty sure you encountered this.

A couple of weeks ago there was a series of reactions, specifically from those who understand information security, criticizing Safari 3.1 piggybacking or stealth installation through Software Update. [full story here]

The interesting news: Apple listened and fixed this issue in its latest Software Update tool for Windows, version 2.1.

Apple fixed the issue by creating two sections: (1) Updates (2) New Software. This shows that Safari 3.1 is no longer piggybacking in software updates since it has its own category as New Software, which is good.

But, the tick boxes were still filled-in by default? [full story here]

Obfuscated Javascript?



I'm looking for samples of malicious obfuscated javascript.
Also interested in Neosploit sources.

Thanks in advance,

Looking for Latest Graphic Device Interface(GDI) Vulnerability samples


Hi all, I'm looking for sample images of the vulnerabilities in Graphics Device Interface EMF formatted images released a few days ago from Microsoft. The exploit (named "top.jpg") contains a functional payload and downloads a secondary file (word.gif), which in turn downloads additional malicious code. The exploit image is detected by Symantec as HTTP GDI EMF Remote Code Exec and the malicious code is detected as Trojan.Emifie. Thanks in advance.

exploit toolkits analysis and info


Don't know if this site has been mentioned here before, but I came across it today trying to find the Neosploit toolkit. This site gives a pretty good analysis of the latest exploit toolkits around. Makes for very interesting reading.

Check it out for yourselves.
