Trend Micro - Thai Websites Compromised in Bulk to Deliver MalwareResearchers at security company 'Trend Micro' have discovered that several websites of Thai government agencies have been hijacked in yet another instance of bulk compromise. According to them, a particular website among the compromised ones belongs to the Thai Police. It (Thai Police website) has been injected with malware for diverting visitors to various malicious sites. The specialists state that one web-page on which users land, namely http://{BLOCKED}t.ru/ip/bchqu1.exe, produces a downloader that Trend Micro has identified as Troj_DLOADER.DNG. This Trojan installs various malicious applications such as - TROJ_CUTWAIL.GQ, TSPY_ZBOT.ACH and TROJ_FAKEREAN.BW. Joseph Pacamara a senior threat analyst and the discoverer of the bulk hijack states that cyber criminals are presently encouraging the use of compromised genuine websites to channelize the proliferation of FAKE AVs, as reported by Trend Labs malware Blog on September 28, 2009. Trend Micro stated that it had notified all owners of the affected websites to sanitize their sites. The company had also told them about the various risks to users because of such attacks. Further, according to Trend Micro, the ThaiCERT has been informed about the bulk compromise. Meanwhile, the perpetration of cyber assaults and malicious software on Thai websites is attributed to "minimal cost", a prime concern to Thai organizations in general. Government agencies and NGOs in the country generally do not spend on security experts' services as they do not think much of security. Anybody easily available is asked to take care of the organization's web-server and the person often is the web-designer. Moreover, in case an organization is hacked into, it ignores the problem calling the problem an external issue rather than getting it fixed. If a government organization, which has subscribed to an ISP connection, gets hijacked or exploited for spam, it would typically tell its ISP to resolve the issue after providing it the organization's main password. According to experts, it is now ever-more important for computer-users to maintain a fully controlled system, and businesses should safeguard their servers against web-attacks. SophosLabs another security company stated that in 2008, Thailand entered the top ten lists, by entertaining 1% of the total malware infested web-pages globally. Related article: Trend Micro Detects Spam Mail Declaring World War III ยป SPAMfighter News - 10/12/2009 |    |
Dear Reader
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!
 |  |
