Malware Distribution Point Detection – a Case Study

The media consistently warns people that clicking on links within emails from unknown sources can be dangerous. What about links in seemingly harmless emails received from individuals of trust? More so, what if the URL of a said link points to a familiar website? In recent weeks, zveloLABS® has identified several websites that appear benign in nature at first glance, but after further analysis these sites have been categorized as malware distribution points. What made the following case study interesting is that none of the well-known Internet blacklists and malware analysis tools flagged these URLS as being malicious. The following analysis shows how these trusted control mechanisms were circumvented with nothing more than a guise and a fundamental understanding of how the Internet operates.