Jump to content

Anyone know an infected site?


Barnitz

Recommended Posts

Ok, as bizarre as this may sound, I need the URL of a Java Zero-Day infected site.

I work for a company that uses Java for an Oracle database. This makes it had for us to just 'update' everything when Oracle releases the next version of java. We have had a few websites fall victim to the vulnerability.

We need an infected site to test old updates of java (specifically in the 1.6 family) to see if they are infected. From what I have gathered there are several strains of the zero-day virus and some do not effect some updates of Java, so until this mess is cleaned up we would like to use the most secure version.

So, does anyone have a URL handy? An easy way to tell if the site is infected is to put the URL into www.virustotal.com to be scanned.

Thank you,

Evan

Link to post
Share on other sites

Barnitz:

This is a public facing forum so posting malicious sites is not a good idea as the uninitiated forum readers may "try" the site(s) and actually get infected.

As a product support forum which provides trained personnel for the assistance in getting computers cleaned from malware infections, such a request is not really apropos for this forum. That, of course, would be at the discretion of the MalwareBytes' forum administrators.

If you work for a company that uses Oracle Databases that use Oracle Java v6 and/or JIT software then you have to look at the overarching concepts of the computers using said software and their role in the corporate structure. It may not be prudent to give these platforms Internet access. You may have to use content control filtering of Internet activity or having border/gateway FireWall rules that limit these computers to ONLY Internet sites that are specific to their role in using said software.

I don't believe that your approach is the right path. I think you need to look at the role of the computers in question and what kind of internet/intranet activity these computers should be provided if the systems are tied to old and vulnerable versions of software. This may need consultation with a security expert to come up with a corporate plan to mitigate the problem.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.