Hackers Compromise Moneycontrol.com
The ThreatSeeker Network of Websense Security Labs, on November 6, 2010, discovered that hackers compromised the primary website pertaining to moneycontrol.com and inserted malware into its pages.
Significantly, Moneycontrol.com is the most popular financial portal of India. And being the authorized website serving CNBC TV18, it gives the latest news, opinions as well as assessment of equity, stock market, mutual funds, personal finance, commodities, loans and insurance.
Elaborating on the attack, Elad Sharf, senior researcher at Websense Labs said that when an end-user visited Moneycontrol.com, the malware silently diverted his Web-browser onto an exploit site namely www.Brenz.pl through a drive-by assault. This second website was already loaded with Eleonore, a kit for exploits, he further explained. Timesofindia.indiatimes.com published this on November 9, 2010.
Typically, kits for exploits carry malware items ready to be downloaded for contaminating any specific PC.
Moreover, Sharf said that when a user visited Brenz.pl, several exploits were served onto his browser, while any exploitation that turned out successful led the user to become contaminated with Virut, a Trojan virus. Virut infects by targeting .scr and .exe files, the extensions denoting scripts and applications respectively.
Further, according to Sharf, injected codes that are active have the capability for influencing the performance of a website. When code is injected into a website, which causes visitors to land on an exploit website, they normally encounter slow or hanged browsers, with the frequent possibility of the browsers crashing.
Worryingly, the aforementioned event underscores that Internet crooks are attacking reputed websites with malware again-and-again.
A similar code-injection incident that recently attacked NASA's website makes the issue clearer. In that the site began serving spam along with malware to PCs of unwitting end-users.
More websites, recently, that were hosted at Go Daddy too received bulk injection assaults which diverted visitors onto fake security software or scareware sites, the security researchers cautioned.
Remarking about such website attacks, Senior Technology Consultant Graham Cluley at Sophos the security company stated that expectantly, efforts were currently on for securing any flaws as also mitigating such a severe hack from re-occurring in future. EWeek.com published this on November 8, 2010.
Related article: Hackers Redirect Windows Live Search to Malicious Sites
» SPAMfighter News - 16-11-2010