Home > News content

Baidu's download site was found hidden malicious code

via:Solidot     time:2017/3/2 15:00:34     readed:555

Chinese tinder security company:PresentationSaid that Baidu's download station www.skycn.net and soft.hao123.com to download any software, will be implanted malicious code. The malicious code into the computer, through various means to prevent loading the driver is unloaded, and long latency and ready to be the "cloud" of remote control, to hijack the navigation station, the electricity supplier website, advertising and other traffic. The report said they were hijacked from the browser to the user's computer to extract a number of traffic hijacking and related suspicious files, these suspicious files contain Baidu signature. The suspicious file contains malicious code, is located to the name of a nvMultitask.exe release, when the user in Baidu two download site to download any software, will be bound to download the release, and then to the user computer into these suspicious files. After downloading the device will be released immediately in the background and the release of the release of the release of nvMultitask.exe, malicious code, even if the user does not do any operation to close the download directly, malicious code will be implanted. According to the analysis and traceability, the most late in September 2016, these malicious code that is completed. Manipulation of traffic hijacking "remote switch" in the near future is open, the infected computer will be in accordance with the regional and time conditions, or random is "choose" out of safety traffic hijacking called for "cloud control". In a report published after Baidu tinder, take actionRemovedMalicious code.

China IT News APP

Download China IT News APP

Please rate this news

The average score will be displayed after you score.

Post comment

Do not see clearly? Click for a new code.

User comments