Hackers’ Malware Lied In Wait on Home Depot Web Page
According to FOX NEWS' reports published on January 11, 2011, an Information Technology analyst recently revealed that a prominent retailer website namely Home Depot had leftover issues from an earlier security breach on it that happened during 2009. For, the website had concealed malware, which diverted visitors onto another website which delivered more malware.
Elaborated Mike Menefee who founded Infosec Island a security website that learnt about the hack, someone was able to disfigure the website and insert the malware with the purpose of getting people accessing the site become infected from the second site. FOX NEWS reported this on January 11, 2011.
The attack began when anyone did an online search on Google for "home depot stair spindles." On top of the list of search returns is hxxp://www6.homedepot.com/stairparts/gallery.html. It has been found that this page contains a malicious Iframe, which connects with vwui.in an external website. Both StopBadware and Google have labeled the site malicious. Back in July 2009, it was another instance of labeling it malicious. Meanwhile, given that the site does not anymore have any related DNS records, there are lots of chances that hackers compromised the Home Depot web-page for the first time through the enormous assault of 2009, but it has been uncovered only now.
Reportedly, according to security researchers, someone discovered the hack and disabled it. The thing that appears mysterious about the entire issue is that someone left malware lingering, quiet, inactive and unworkable on the website.
Stated Senior Security Advisor Chet Wisniewski at Sophos Labs the security company, it appeared that Home Depot came under hackers' attack at one instance; however, it was not presently thought as a danger for people accessing it. Nevertheless, the reason for the malware lingering on the retailer's site without doing anything was not clear to Wisniewski. FOX NEWS reported this on January 11, 2011.
Importantly, hackers' attack ruining an online site this way isn't unknown. During 2009, attackers inserted concealed iframes into innumerable websites, which tried to load malicious software from those hijacked sites. Usually the iframes were injected via the exploitation of SQL security flaws.
Related article: Hackers Redirect Windows Live Search to Malicious Sites
» SPAMfighter News - 22-01-2011