BelchSpeak

I can't believe that came from your mouth!


Stoner Magazine Harshing Buzzes by Serving Malware

I use the Invincea Research Edition in my day-to-day job investigating malware. I found this humorous exploit uploaded on the site today. ThreatGlass posted that the pot-enthusiast site 420magazine.com was serving malware, so a researcher went to the site to test it and, sure enough, the site tried to infect them with a Flash exploit.

Screenshot from ThreatGlass showing infector site.

Here is the event tree from the Research Interface. You can see the exploits dropped, see that batch files were set to run at startup, and see that command-and-control notifications were sent to Bulgaria and Ukraine.

flash-sploit

The exploits were actually delivered via malware embedded in the site’s advertising, but those very advertisers choose which sites to use to deliver their malicious payloads. Not sure what malware miscreants want from a botnet made from stoners’ computers. Maybe they just figure they won’t bother to put down the bong long enough to get their computers fixed.

I tweeted 420 Magazine about this but have not received a response as yet.

Dr. Jones

Do not talk about fight club. Oops.
