Sunday, September 13, 2009

Favicon malware

Nothing could seem more innocent than a favicon. It's the little website icon that sits next to the website address in the browser address bar and is added to your list of favourites (or bookmarks according to the browser you're using). But the little favicon.ico can be infected with malware. (See here and here.)
Nothing is more frustrating than a malware detection from your anti-virus program which reappears every two minutes whatever you do, as seen here on the avast! forum, and here detected by AVG- favicon malware was the cause both times, of course.
But why was the malware reappearing every two minutes? My best guess is that IE was downloading missing favicons, either after the cache had been cleared, or malicious favicons deleted.

No comments:

Post a Comment