Apr 4, 2008 : Welsh Government Site Hacked
📅 - Hackers broke into a Welsh government website to install a malicious JavaScript in an attack that mirrors the vicitimized pages of the Trend Micro (trendmicro.com) website in mid-March, as reported Friday by computer security analyst firm Sophos (sophos.com). The Welsh site is just one of the thousands of websites recently infected by malicious code.
Last month, Trend Micro's website was among one of up to 20,000 sites that fell victim to an attack where hackers exploited a weakness in the server's security that allowed them to set up malicious JavaScript.
Visitors of an infected page will be infected with a malicious code from another server, triggered by the JavaScript. Sophos has dubbed this attack 'Troj/Badsrc-A.'
In the case of the Welsh attack, the server that is hosting the malicious code is down, says Graham Cluley, Sophos senior technology consultant. The computer server might have exceeded its allowed bandwidth as a result of a high number of downloads of malicious code, meaning that many individuals could be infected, Cluley said.
This attack signals a rise in the number of hacked websites that are being used to infect PCs with malicious code, a tactic that can be used to infect fully patched computers. Once the malicious JavaScript is triggered, a user could be prompted to download some harmful software that he or she may believe is essential to accessing the legitimate website.
Cluley said that other cases could see the JavaScript launch an attack that attempts to exploit weaknesses in, for example, QuickTime, which could be launched by JavaScript if the application isn't patched. Apple responded to this earlier this week by issuing 11 patches for its media player.
Aside from using virus-protection software, users can protect themselves from these attacks by using the Firefox browser with the NoScript extension, which blocks the execution of JavaScript, Java and Flash in the browser.
NoScript prevents legitimate websites using JavaScript and those plugins from working, but users are given the option of white listing safe websites. The extension, as well as Firefox, can be downloaded for free here. NoScript can block the attack on the Welsh website, Cluley said.
Sophos has contacted the organization that maintains the Welsh site but has not yet received a response.
Last month, Trend Micro's website was among one of up to 20,000 sites that fell victim to an attack where hackers exploited a weakness in the server's security that allowed them to set up malicious JavaScript.
Visitors of an infected page will be infected with a malicious code from another server, triggered by the JavaScript. Sophos has dubbed this attack 'Troj/Badsrc-A.'
In the case of the Welsh attack, the server that is hosting the malicious code is down, says Graham Cluley, Sophos senior technology consultant. The computer server might have exceeded its allowed bandwidth as a result of a high number of downloads of malicious code, meaning that many individuals could be infected, Cluley said.
This attack signals a rise in the number of hacked websites that are being used to infect PCs with malicious code, a tactic that can be used to infect fully patched computers. Once the malicious JavaScript is triggered, a user could be prompted to download some harmful software that he or she may believe is essential to accessing the legitimate website.
Cluley said that other cases could see the JavaScript launch an attack that attempts to exploit weaknesses in, for example, QuickTime, which could be launched by JavaScript if the application isn't patched. Apple responded to this earlier this week by issuing 11 patches for its media player.
Aside from using virus-protection software, users can protect themselves from these attacks by using the Firefox browser with the NoScript extension, which blocks the execution of JavaScript, Java and Flash in the browser.
NoScript prevents legitimate websites using JavaScript and those plugins from working, but users are given the option of white listing safe websites. The extension, as well as Firefox, can be downloaded for free here. NoScript can block the attack on the Welsh website, Cluley said.
Sophos has contacted the organization that maintains the Welsh site but has not yet received a response.
Reads: 2060 | Category: General | Source: TheWHIR : Web Host Industry Reviews
URL source: http://www.thewhir.com/marketwatch/040408_Welsh_Government_Site_Hacked.cfm
Want to add a website news or press release ? Just do it, it's free! Use add web hosting news!
📅 - 
📅 -