http://www.hexus.net/content/news/ne...lld19JRD0xNjIzQuote:
The P2Load.A worm redirects users to a fake Google website on an infected machine, delivering hacker-controlled search results to direct a user wherever the hacker pleases.
Printable View
http://www.hexus.net/content/news/ne...lld19JRD0xNjIzQuote:
The P2Load.A worm redirects users to a fake Google website on an infected machine, delivering hacker-controlled search results to direct a user wherever the hacker pleases.
a good protection for this is to enable the read only config of HOSTS from spybot search & destroy.
Indeed. However, if you get to a machine that's already spywared up, you have to fix the hosts file before you can actually get to the spybot download page XD.
thats what USB keys with all the kit you need on it are for Steve :P
Nah I wonder around with a CD in my pocket aptly labelled "ZOMG Toolz!!11"... it's true.
lol "Steve's 1337 hax0r tooz!!" :)
I suspect the worm is also attempting to poson DNS entries. I am seeing a lot of traffic on the firewall logs on my home linux box. The probes are from a lot of different places which normaly means there is a virus out there.
Edit:
Today's logs show arround 700 probes from 351 different IP addreses. Looks like this one will be with us for a while.