Chinese websites have recently been targeted by a drive-by download campaign that dropped a Distributed Denial of Service (DDoS) bot by the name of Avzhan, a malware that has been around since 2010. The most recent attacks were spotted by Malwarebytes Labs researchers, who say that the bizarre patterns of this particular drive-by download were not advanced, but they did demonstrate the use of several different exploits to distribute malware. “For years we have cataloged thousands of Chinese websites injected with the same malicious and rudimentary VBScript code. Even to this day, you can find a countless number of sites that have been (or still are) compromised with that pattern, and most of them happen to be hosted in China,” Malwarebytes researcher Jérôme Segura explains.
ORIGINAL SOURCE: Security Brief Asia