A new malicious website which is distributing malicious code that installs a Trojan Horse on end-users' machines. This potentially occurs without user interaction. The site appears to be mirroring a World Cup 2006 Soccer website with the exception that they have a lead story regarding the `now infamous' Zinedine Zidane head-butt incident from the World Cup final match against Italy.
Upon visiting any of the pages on the site, end-users are potentially infected with a Trojan Horse downloader. This Trojan Horse downloads additional payload code from the site. The site is using the underground 'Web Attacker' toolkit which allows users to install code that exploits users based on their browser types. The installed code includes one of five different variants, including exploits for old and new vulnerabilities. This site is hosted in the US and was up and running at the time of this alert.
This incident is a case in point; Cybercriminals have used the most debated topic of the tournament to launch Web-based attacks." This attack further reiterates the need to promote safe surfing throughout the year and have the relevant security systems in place to back this up."
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment