Ars Technica used in malware campaign with never-before-seen obfuscation — Buried in URL was a string of characters that appeared to be random, but were actually a payload::Vimeo also used by legitimate user who posted booby-trapped content.
Ars Technica used in malware campaign with never-before-seen obfuscation — Buried in URL was a string of characters that appeared to be random, but were actually a payload::Vimeo also used by legitimate user who posted booby-trapped content.
I guess it’s less that the site was compromised, and more that someone linked an image in their account bio? It only worked on victims already infected with the first stage (not that I understand what happened there)
Waiting for the