Websense - Cyber Criminals Hack Torrentreactor WebsiteSecurity firm 'Websense' have revealed that its Security Labs ThreatSeeker Network has lately found that Torrentreactor, one of the most trusted and oldest torrent search engines on the Internet, has been hacked and inserted with harmful code. The website has been injected with an iframe, resulting in a site laden with exploits. The exploits on the payload site contain Microsoft Office Snapshot Viewer, Adobe Shockwave, Internet Explorer (MDAC) and Adobe Acrobat Reader. The exploit in Microsoft Data Access Components (MDAC) enables remote attackers to execute a random code through unfamiliar attack vectors. Further, the Microsoft Office Snapshot Viewer exploit enables hackers to install harmful files on a client machine through a crafted HTML document or an e-mail. Security experts have commented that this can be leveraged for the execution of code by writing to a Startup folder. Adobe Acrobat Reader exploit enables hacker to install a malware sample on the system of the user whereas Adobe Shockwave flaw could be exploited by remote attackers to take control of Windows computers. Websense researchers claim that if the browser of the user is successfully exploited, a harmful file is installed and operated from the exploit site. The harmful file has a very little AV detection rate. The file is a Trojan Downloader and links to a Botnet C&C (Command and Control) server at IP 78.109.29.116. After linking to the IP, the file installs a rootkit installer from the same IP. The security experts say that accessing the Torrentreactor site can be destructive as it can target user's system. In the last week of June 2009, researchers of Finjan (a security firm) found that the site of Indian Institute of Remote Sensing had been hacked by attackers. The hacking method was identical to the manner employed by hackers of Torrentreactor. In other words, the site was instilled with a harmful iframe. In May 2009, security vendors also reported the same infection which used the Fiesta attack toolkit on an Indian government website belongs to the Union Public Service Commission. Therefore, the security experts advise the administrators of the website to protect their websites in the best possible manner. Related article: Websense Discovered Malicious Social Networking Spam Campaign ยป SPAMfighter News - 7/7/2009 |    |
Dear Reader
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!
 |  |
