Nov 24 2009

Piloyd worm pwning exe, asp and html files in PRC

Published by at 2:49 pm under China internet,Other attacks

HT to Sunbelt for this article about the piloyd worm jacking up web pages in the PRC.  Not enough details yet to determine the vector.  According to Sunbelt’s article, it is 8/41 on virustotal.com.  I’ll update this post if I’m able to collect a sample for analysis.

Here are some details from  threatexpert.com.

2 responses so far

2 Responses to “Piloyd worm pwning exe, asp and html files in PRC”

  1. # BeatUpPrideon 25 Nov 2009 at 12:27 am

    I wonder how the creator came up with the list for Dictionary attack ? Though I have no proof, those are quite effective for a dictionary attack(Considering the size of the dictionary).

  2. # jumperon 25 Nov 2009 at 10:31 am

    I wonder how effective that dictionary is in China though.