Slashdot is powered by your submissions, so send in your scoop


Forgot your password?

Submission + - "Printer Bomb" Malware Spread Via Compromised .htaccess Files ( 2

wiredmikey writes: In late June, security researchers discovered malware that had been launching junk print jobs that waste paper until the printer runs out. Symantec calls the printer malware Milicenso, or the “Printer Bomb”, and code examination marks it as a variant of a malware delivery system discovered in 2010.

Today, after conducting additional research on Trojan.Milicenso, researchers determined that the threat is propagated by a compromised .htaccess file that launches a redirection Web attack. So far, Symantec has been able to count at least 4,000 websites that have been compromised by the cybercriminal(s) behind the attacks.

Research shows that the attack dated back to at least 2010, and the attacker(s) used different domain names to prevent them from being blocked or blacklisted. According to Symantec, “In 2010 and 2011, the gang moved to a new domain every few months. But in 2012, they changed domains almost every day."

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

"Printer Bomb" Malware Spread Via Compromised .htaccess Files

Comments Filter:

Real Programs don't use shared text. Otherwise, how can they use functions for scratch space after they are finished calling them?