Unfortunately this simple and smart proxy technique are being largely used by brazilian malware writers to redirect infected users to malicious hosts serving phishing pages of financial institutions. A .pac script URL is configured in the browser, in the field “Use automatic configuration script”:
Here an example of a malicious .pac file in the wild:
A lot of the Brazilian malware is using this trick nowadays. Not only Internet Explorer users are affected, but also users of Firefox and Chrome. The malware changes the file prefs.js, inserting the malicious proxy in it:
2010 Apr 13, 14:44
Does Kasperky detect .ZIP file logs?
I am using windows vista ultima and, does Kasperky Internet Security detect ZIP.CRA.BAT file viruses? I heard about this type of virus, it steals card numbers. Heard about it from a friend of a friend who is a 'virus expert'. He said it's a new type of virus. Please reply. I'm a newbie here! =) ( I know I am posting this comment in the wrong page, I just need to know what is this virus.)