22-11-04

biggest and first attack on a banner network

The hack on Saturday lasted several hours before it was found, and it infected every 30th visitor to one of these sites: http://www.falkag.com/page.php?Id=16 (clients). The Internet Storm Center is currently working with the sites to clean up this mess.
 
The infection placed three things on the PCs: the browser hijacker Virtumonde, the Bofra-Mydoom iframe exploit, and the Trojan Agent.ec, which installed a backdoor.
 
XP with SP2 is NOT vulnerable. For everyone else it was a lottery: only every 30th visit was diverted to the malicious website.
 
They used a weak point in the load balancer that falkag.com uses:
http://www.theregister.co.uk/2004/11/22/falk_bofra_statem...
 
The only way to defend yourself is to set your browser to high security, put up a firewall, or block all scripting and downloads that lack permission.
More free security software is at http://www.securingit.tk, because other firms say that more scripts and hacks like this are being found.

23:41 Posted by technology changes fast not a lot
