Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Symantec Intelligence

Symantec Intelligence Report: September 2012

Created: 08 Oct 2012 • Updated: 10 Oct 2012 • 1 comment • Translations available: 日本語, Português, Español
Paul Wood's picture
0 0 Votes
Login to vote

In this month’s report, we take a look at an often-overlooked side of malicious code: how attackers administer the Web servers that they use to spread spam and malicious code. We highlight a PHP-based tool in particular that is often used to control and manipulate the configuration of these Web servers.

The tool can run arbitrary PHP code, brute force file transfer and database accounts, and even allows quick access to Web server configuration files so that the attacker can edit them in order to suit their malicious needs. The attacker can easily obfuscate his or her code, making its function less apparent if viewed by the legitimate server admins. We’ve witnessed this tool being used to create spam-related websites and hosting exploit pages to compromise further computers.

We also take a look at a rather interesting Android application that attempts to trick the user into thinking that they can charge their device with nothing but the rays of the sun. The only problem is, Android devices do not contain solar panels—a critical component needed to turn light into electricity. Naturally the application can do nothing of the sort. Instead, it steals sensitive information from the user.

For further details on these stories and more, click to download a copy of the September Symantec Intelligence Report (PDF).

Comments 1 CommentJump to latest comment

acarr45's picture

Since the beginning of the virtual world and people sought the opportunity to do business, spamming has never stopped. No amount of stopping power has ever stopped these guys from adding their ads without participating and respecting other people's works. Too bad.


Login to vote