[ISN] CBS website bitten by iFrame hack

From: InfoSec News <alerts_at_private>
Date: Tue, 2 Dec 2008 01:26:50 -0600 (CST)
http://www.techworld.com/security/news/index.cfm?newsID=107833

By John E. Dunn
Techworld
01 December 2008

TV network CBS has become the latest big name to have it website used to 
host malware, a security company has reported.

It appears that Russian malware distributors were able to launch another 
iFrame attack on a sub-domain of the cbs.com site so that it was serving 
remote malware to any visitors. A user's vulnerability to the malware 
attack launched by the site hack would depend on a number of factors, 
including the type of security used on a PC, the operating system, and 
possibly the browser version.

"This saga confirms our many previous warnings that obfuscated code 
posing a serious threat to Internet users' PCs, said Finjan CTO, Yuval 
Ben-Itzhak, who has devoted a fair amount of time in recent months to 
finding these hacks.

"Our Threats Reports have continued to identify the increasing use of 
code obfuscation as a means of bypassing traditional signature-based 
solutions in order to propagate malware," Ben-Itzak continued, taking a 
pop at the anti-virus products against which his company in part 
competes.

[...]


_______________________________________________      
Help InfoSecNews.org with a donation!
http://www.infosecnews.org/donate.html
Received on Mon Dec 01 2008 - 23:26:50 PST

This archive was generated by hypermail 2.2.0 : Mon Dec 01 2008 - 23:33:45 PST