Hi, I work for the Threat Response team at Nevis-Labs (Nevis Networks<http://www.nevisnetworks.com/services.php?id=10> ).
I would like to alert you about certain projects hosted on code.google.comthat are hosting Malware configurations & its components. Following Projects are found to be hosting Malware components - expcmd01.googlecode.com/files/cmsys.gif expcmd02.googlecode.com/files/cmsys.gif expcmd03.googlecode.com/files/3picsys.gif expeml04.googlecode.com/files/udsys.gif expcmd04.googlecode.com/files/cmsys.gif These were found while analyzing samples of Win32/Mofksys.A worm : MD5 : ee84838421768c902690281178e7a0ce<http://www.virustotal.com/file-scan/report.html?id=ffc90f28827ee1ca75af4ed6d262bb7e4d5e418eea4c27918b157ae5f8667666-1288290110> MD5 : c7dcc44cb0c3355bedff8bc7c34ab43c<http://www.virustotal.com/file-scan/report.html?id=e4310eb92e7f78463eab090b0e7fe40de9398acffc4b7410f2cbc3512ba0954c-1264961394> The hosted files themselves are not malicious executables by nature, but instead are part of components that the worm downloads. So, Google code projects server is probably being misused as a Command and Control channel for this Malware. Let me know if you need more information. Request you to please review the project files and take appropriate action. regards, ~ DaH4ckeR [ http://hypersecurity.blogspot.com ][ http://twitter.com/dah4cker ] -- You received this message because you are subscribed to the Google Groups "Project Hosting on Google Code" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-code-hosting?hl=en.
