Researchers Identify Executable Used to Compromise Websites and Distribute Malware
Researchers have been able to identify the crafty executable with which attackers have been compromising Websites in thousands to serve up malware over the past few months.
According to the SANS Institute's Internet Storm Center, which carried out an analysis, the mechanized attacks seemed to involve the abuse of vulnerabilities linked to SQL Injection. The exact mechanism was not clear until recently when security investigators discovered the executable that later associated with the attack targeting a hacker's Website.
Further, it appeared that the utility was written in Chinese language and facilitated users in deciding which HTML code they want to plant into the unprotected Web page.
Also, the tool executes a...
» SPAMfighter News - 19-04-2008