Select Page

Bransonchamber2134234png

Along the same lines of the Northwestern Bank compromise last week, the Branson Lakes Area Chamber of Commerce is also compromised, serving exploits.

Bransonchamber

(Do not visit the exploit sites below unless you know what you’re doing.)

GET-hxxp://www.bransonchamber. com
GET-hxxp://mumukafes.net/trf/index. php
GET-hxxp://333.gosdfsdjas.com/index. php
GET-hxxp://333.gosdfsdjas.com/l. php?i=1

|
|
V

Zbot config and drop:
GET-hxxp://agreement52.com/cnf/shopinf. jpg
POST-htxx://agreement52.com/shopinf/gate. php

Also, checks into server “67.231.246.218” on port 553

Serves a Zbot trojan.

Alex Eckelberry
(Thanks Adam and Francesco)

Update 4/15/2010: The situation is now resolved. The site is no longer serving exploits.