Fascinating and chilling at the same time. Let's hope Savvis and Layered Technologies get that site down quickly.
suzi | Homepage | 01.11.06 - 8:04 pm | #

To be fair, you might want to use Symantec AntiVirus version 10.02
Version 8 is at least 3 years old. Even if you are using the newest virdefs, you do not get the functionallity version 10 offers.
John Sn | 01.12.06 - 11:40 am | #

Yeah, I have no control over that. Virustotal uses whatever engine they use, fully updated.

I will look at using other services, though, in the future.
Alex Eckelberry (Siteowner) | Homepage | 01.12.06 - 11:48 am | #

Will this hosts file hijack work if the target site uses https?

And the user won't be alerted to a certificate mismatch?
Andy | 01.13.06 - 9:08 am | #

I would be curious what the affect of making your hosts file read only would have had on that virus?

Joe
Joe Bagazinski | 01.16.06 - 1:45 pm | #

Joe -- I only did some limited testing on this but my guess is it would have helped. I'll ask the team to check it out.
Alex Eckelberry (Siteowner) | Homepage | 01.16.06 - 6:35 pm | #

thanks a lot..
hekimboard | Homepage | 07.23.08 - 8:54 am | #