Malware served by official government site.
Web-watchers at
Sophos
have reported spotting malware hosted on the website of the US Consulate in St. Petersburg, using obfuscated JavaScript and hidden iframes to silently download trojans to vulnerable systems.
The hack was part of a sizeable attack targeting vulnerable web servers worldwide last week, with over 400 sites, mostly based in Russia, found to be carrying similar malicious code. The US Consulate site admins responded rapidly to warnings from
Sophos
, and closed the security holes which left their systems open to the attack as well as removing the downloader code.
A detailed blog entry describing the attack is
here
.
Posted on 14 September 2007 by
Virus Bulletin
Leave a Reply