Flickr Credit: Raqib

Our security research team is constantly monitoring what is happening on the Web that we at AVG should be aware of.

Looking for malicious URLs, exploits, new obfuscation techniques are just a few of the tasks we are doing 24x7 to ensure we provide you the best security.

However, fun is also part of our work, and we try to keep that at a high level. It looks like hackers are also doing their daily work and probably looking for some fun as well.

The constant battle with hackers leads us to funny situations like the one we found today. It looks like this hacker was hit by security product blocking his web attacks, however he/she does not give up and keep on trying to hide the attacks …. as the song/exploit says - ‘show must go on’.

On our research today, we came across the URL showing below: yet another obfuscated exploit script trying to exploit the browser and install a malware. We have seen this for the last six years.

However, we found the obfuscation string used by the hacker as our ‘story of the day’ that makes fun in our work.

Note to the embedded string in the obfuscated buffer: ‘sh ow mu st go on’

On a separate script file, the hacker replaces this funny sentence with the escaping character % to execute it with the Eval() method. This in turn injects a whole set of exploits and Iframes to infect the user with the malware.

Who said hackers do not want fun in their work as well?

This post was authored by Yuval Ben-itzhak

Read more here: AVG | Top Threats

Tags | AVG virus alert