12-19-2012, 07:50 AM
Join Date: Feb 2008
Carrier: TDC Mobile
Post Thanks: 0
Thanked 0 Times in 0 Posts
| | Forum Issue
Please Login to Remove!
Today I visited your site from a customers laptop and Trend Micro blocked 2 files beeing dropped on the PC.
Further investigation showed an old JRE 1.6U15 as the entry point.
The page also seems to try and install what looks like Adobe Flash Player 11.3. I don't know if this is the real Adobe Flash Player installer or just a GUI for the virus.
After updating Java the site now tries to make the IE user accept/install/run "DeployJava1.dll" from "Oracle, America" instead.
One of the pages having the infection is this:
www . blackberryforums . com/bes-admin-corner/108139-contacts-lookup-bes-domino.html
I does however seems to be all or at least all of the post I have been reading.
Please look in to this issue.