Hackers Compromise TechCrunch Europe, Push Malware
Eu.techcrunch.com, TechCrunch's website for the European region and a highly visited blog site worldwide, is apparently under hackers' control, as they seem to have loaded it with malicious code to infect unwary visitors.
As a result, a malicious PDF file is delivered which, if downloaded and executed, abuses a security flaw, leading to infection of the computer with the ZBot Trojan.
Rik Ferguson of Trend Micro revealed that the server involved was located in Germany and was hosted by NetDirect, which is already known for hosting malicious websites. Help Net Security published this in news on September 6, 2010.
Security researchers further suspect that the hackers took advantage of the Labor Day holiday, when fewer people from the TechCrunch support team who could resolve the issue might have been available.
They have also reported that TechCrunch Europe's website has possibly had the problem for some time. Still, no clear alert has been issued for visitors posting their comments on it. What's more, no effort has been made either to clean the malicious script off the site or to stop people from accessing the contaminated website.
In the meantime, the site is still up, and there has been no official update on the situation.
Nonetheless, people using certain Web browsers may not be affected; Firefox, for example, is displaying an alert notification about the issue.
At the same time, the researchers caution that the detection rate of the file is currently extremely low, since merely 2 of the 43 anti-malware products that VirusTotal uses have been able to catch the ZBot variants, also called Zeus. Moreover, the anti-malware results merely serve to emphasize that security software is needed which regards the threat in its totality rather than concentrating on any single feature of it.
Hence, the researchers recommend that users not access the website until TechCrunch is able to eliminate the malicious code.
» SPAMfighter News - 14-09-2010