Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Blackhole Exploit Injected into USPS Website

The website of U.S Postal Service served a malware program, previously utilized during an advanced multi-stage assault that resulted in the malware toolkit for Blackhole Exploit, published The Register in news on April 8, 2011.

Reportedly, Zscaler, the cloud security vendor was first to spot this infection on ribs.usps.gov the RIBBS (Rapid Information Bulletin Board System) website of the United States Postal Service (USPS).

The contaminated website that delivers USPS' Intelligent Mail Services, which are business mail-oriented and barcode-reliant, was injected a malevolent JavaScript, which reportedly diverted site visitors via several other websites onto one exploit portal.

Moreover, similar to the majority of drive-by download assaults, the said JavaScript helped in redirection as well as took Web-surfers onto a different site crafted for appearing like a 404 fault. Being responsible for installing a Blackhole attack toolkit, that site scrutinized visitors' operating system and Web-browser so it could execute either a PDF or Java attack code.

Eventually, the drive-by assault exploited software flaws for planting Trojans on visitors' computers that accessed the USPS website, which the cyber-crooks got along with compromising.

Stated Vice President of security research Michael Sutton at Zscaler, it was once again that an authentic website, which was largely visited, was being utilized like an aid for assault. In addition, a very poor identification of the malevolent payloads by desktop anti-viruses that most enterprises regarded as the foremost as also the single means for client-side safeguards, made the assault potent enough to undoubtedly harm a large number of end-users, he explained. SoftPedia published this in news on April 8, 2011.

Lately, according to Zscaler the security company, the same toolkit for Blackhole Exploit contaminated the Internet site of a Houston, Texas-based music festival namely Worldfest. It (the toolkit) acted prominent within the corrupted advertisement, which impacted the Spotify versions supported with ads during the latter half of March 2011.

Nevertheless, USPS took ribs.usps.gov offline that continues to be in that state following the assault. Meanwhile, Web-surfers have been recommended that they should maintain their operating systems and other software up-to-date as well as always have their anti-virus on for scrutinizing Web-traffic.

Related article: Blackhole Attack Toolkit Imitating Zeus Features: AppRiver

ยป SPAMfighter News - 4/19/2011

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page