[CONFIRMED] : WinAutopwn website is infected

by

In: winAUTOPWN

27 April 2009

We have talked about a cool tool called winAutoPwn. This utility compiles the latest windows "exploits" oriented and perform an aggressive "autoexploitation" attack. But since today and during our "Tools Update Process", we have identified a threat on the website.

JPEG - 21.5 kb

We put an evidence (jpg). In fact, the new AVG linkScanner identifies the website (hxxp://winautopwn.co.nr/) as corrupted.

Please, DO NOT DOWNLOAD ANYTHING from this previous location. We’ll contact the author for an investigation about this.

Here is a result of an online scanning:

Checking: http://winautopwn.co.nr/
Engine version: 5.0.0.12182
Total virus-finding records: 538267
File size: 1439 bytes
File MD5: b79d8fd25b65d02f2945a5ca93e2a8e0

http://winautopwn.co.nr/ - archive HTML
>http://winautopwn.co.nr//JavaScript.0 - Ok
http://winautopwn.co.nr/ - Ok

Checking: http://winautopwn.50webs.com
File size: 5183 bytes
File MD5: b459016576bc0d5a347dc4776b6e3046

http://winautopwn.50webs.com - archive HTML
>http://winautopwn.50webs.com/Script.0 infected with Trojan.Click.21021

Security-Database Tools Tracker Team


Related Articles

winAUTOPWN