Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go
-->

Sophisticated Malware Infects Philadelphia Tribune Website

Sophos the leading provider of software security has notified that the Philadelphia Tribune news website has contacted infection from a malicious program known as 'Mal/Iframe-N.'

In just one night, a number of high profile websites, of which one is a leading National Hockey League site, were found serving this fresh variant of Mal/Iframe-N. Another important website infected with this malware is that of the United States Treasury.

Explains Sophos, this specific Mal/Iframe-N version is treacherous as the malware isn't always visible while accessing the website. In other words, despite its presence, the infected site may seem uncontaminated. In standard practice, installation of this malware occurs through hijacked access information.

The original version of the malware was spotted in December 2009, which has has now appeared in a new incarnation, knows how to evade security software as well as how to hide from some browsers and security software.

Reportedly, this malware version behaves like a dropper. That is, when it runs itself on a computer and infects it, it implants another malware's payload, which further harms the system.

Apparently, the malware infection contaminates PCs by utilizing a script label rather than one simple frame, just like it behaved previously. This, therefore, implies that rather than utilizing the HTML script for appending the malware program to the script's "iframe" with the help of the 'onload' depiction, it utilizes the script's "document write" portion for introducing the computer virus.

The process thus enables it to remain hidden whilst a user accesses the website. So, albeit it continues to be there, its payload might not allow the user to know about it during each page view so that his system could get contaminated, the Sophos researchers disclosed.

In the meantime, high profile sites getting contaminated with malware isn't new. For, in February 2010, a malware attack struck the Star Tribune website. In that attack, the malware crept in through an advertisement.

Hence, to avoid malware infections, specialists advise the use of security software that should be kept up-to-date. As for this latest instance, web admins have recommended that they must reset all access data during their clean up exercise of Mal/Iframe-N.

Related article: Substantial Growth in Organized Cybercrime in 2008

» SPAMfighter News - 15-05-2010

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next