Web Attack: Malicious Java Class Download 2
#1
Super Moderator
Thread Starter
Web Attack: Malicious Java Class Download 2
I'm not sure just who would be interested (Adm?)...
But my Norton360 just caught/stopped this attack.
Here's the information provided by Norton on the Attacker...
Category: Intrusion Prevention
Date & Time,Risk,Activity,Status,Recommended Action,IPS Alert Name,Default Action,Action Taken,Attacking Computer,Attacker URL,Destination Address,Source Address,Traffic Description
2012-07-29 10:17:58,High,An intrusion attempt by www.kravitzwipedout.org was blocked.,Blocked,No Action Required,Web Attack: Malicious Java Class Download 2,No Action Required,No Action Required,"www.kravitzwipedout.org (84.247.61.19, 80)",www.kravitzwipedout.org/c1owkx9/?09575cbe78fd8b9e525a430c04585550090b050c0101525e0 509040200500455,("),84.247.61.19 (84.247.61.19),"TCP, www-http"
Network traffic from <b>www.kravitzwipedout.org/c1owkx9/?09575cbe78fd8b9e525a430c04585550090b050c0101525e0 509040200500455</b> matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME1\PROGRAM FILES\JAVA\JRE7\BIN\JAVA.EXE. To stop being notified for this type of traffic, in the <b>Actions</b> panel, click <b>Stop Notifying Me</b>.
But my Norton360 just caught/stopped this attack.
Here's the information provided by Norton on the Attacker...
Category: Intrusion Prevention
Date & Time,Risk,Activity,Status,Recommended Action,IPS Alert Name,Default Action,Action Taken,Attacking Computer,Attacker URL,Destination Address,Source Address,Traffic Description
2012-07-29 10:17:58,High,An intrusion attempt by www.kravitzwipedout.org was blocked.,Blocked,No Action Required,Web Attack: Malicious Java Class Download 2,No Action Required,No Action Required,"www.kravitzwipedout.org (84.247.61.19, 80)",www.kravitzwipedout.org/c1owkx9/?09575cbe78fd8b9e525a430c04585550090b050c0101525e0 509040200500455,("),84.247.61.19 (84.247.61.19),"TCP, www-http"
Network traffic from <b>www.kravitzwipedout.org/c1owkx9/?09575cbe78fd8b9e525a430c04585550090b050c0101525e0 509040200500455</b> matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME1\PROGRAM FILES\JAVA\JRE7\BIN\JAVA.EXE. To stop being notified for this type of traffic, in the <b>Actions</b> panel, click <b>Stop Notifying Me</b>.
Last edited by SWHouston; August 16th, 2012 at 10:54 AM.
#3
Super Moderator
Thread Starter
Thank you for your reply.
Beyond the information in my first post...
I receive notifications of new/updated post automatically. Regardless of which I respond to, that message is shown about the block. Seemingly doesn't matter what Thread the EMail notifications directs me to. Also, it doesn't happen every time I visit. This site seems to load a bit slower than others I visit as well (don't know if that means anything), and my computer processor operation, increases to about 25% or so, on this site only. That may be my Norton program given these two problems. This "intrusion" has not altered my ability to logon or Post.
Thank you,
S.W.
PS, also see...
https://chevroletforum.com/forum/sit...ication-51915/
which still is occurring.
Beyond the information in my first post...
I receive notifications of new/updated post automatically. Regardless of which I respond to, that message is shown about the block. Seemingly doesn't matter what Thread the EMail notifications directs me to. Also, it doesn't happen every time I visit. This site seems to load a bit slower than others I visit as well (don't know if that means anything), and my computer processor operation, increases to about 25% or so, on this site only. That may be my Norton program given these two problems. This "intrusion" has not altered my ability to logon or Post.
Thank you,
S.W.
PS, also see...
https://chevroletforum.com/forum/sit...ication-51915/
which still is occurring.
Last edited by SWHouston; August 4th, 2012 at 10:04 AM.
Thread
Thread Starter
Forum
Replies
Last Post