Hack at Trend Micro Splash Malware onto 32 Pages

Trend Micro, an anti-virus vendor, confirmed on March 13, 2008 that some miscreants hacked portions of its Website early in the second week of March 2008. But the company hedged on asking if the site itself had been delivering malware to unwary visitors.

Mike Sweeny, Spokesman, Trend Micro, said the site is cleaned of the malicious iframes and that the administrators has initiated efforts to prevent any further injections, as reported by The Register on March 13, 2008.

Evidently, Trend Micro is much more interested in explaining the iframe injections to other organizations sites. Sweeny also said that approximately 32 pages, a majority of which belonged to the encyclopedia were infected.

The massive injection resulted in the once-harmless sites turning hostile to their users by installing password-stealing Trojans, backdoors and various other malicious programs on their systems, as reported by The Register on March 13, 2008,

According to researchers at McAfee, the attacks apparently are the acts of only one criminal gang after they first found the bunch of compromised sites. The attacks demonstrate the increasing preference of crooks to distribute malware through legitimate sites, which have been hijacked instead of through specially designed destinations for that intention.

Based on reports of Japanese English daily, when people viewed the modified site pages, they unknowingly landed up on other Websites and a virus was planted on their systems that caused a series of other virus downloads, as reported by Computerworld on March 13, 2008.

Giving his opinion on the Trend Micro hack, Graham Cluley, Senior Security Consultant, Sophos, commented that the compromise represented an SQL injection and the attack involved a link pointing to a warning note, which Trend Micro posted on its Japanese-language Website that detected the malicious code as JS_DLOADER.TZE, as reported by Computerworld on March 13, 2008.

Further, while analyzing the malware attack, JM Hipolito of Trend Micro, wrote on the blogs that it was rather unfortunate that safe surfing practices could be ineffective, as even trusted Websites could be vulnerable to hacking attacks to deliver malware, as reported by The Register on March 13, 2008.

Related article: Hack.Huigezi Virus Attacks China PCs Rapidly

» SPAMfighter News - 3/24/2008