Goal.com Still Contaminating Its Visitors
According to investigators at Armorize a security company, a well-known website for football news, Goal.com is still having security problems while it keeps on contaminating visitors with malicious software. Actually when May 2011 started, the web-scanning facility of Armorize spotted an infection from malicious software on Goal.com.
During that time the security investigators of Armorize stated that attackers had hijacked Goal.com and possibly used a backdoor, which enabled them access from the server. Perhaps their analysis was right as following the cleansing of those early contaminations, the website started to deliver malware again.
Essentially, the attackers inserted one fresh malicious iframe inside the key English web-page of the site so visitors could be taken onto one drive-by download website, which abused security flaws within obsolete software. If the assault turned out successful then a scareware program got loaded onto the victim's PC.
This scareware, according to Armorize, is named Security Shield. Once loaded, it becomes active on its own when Windows boots up. Meanwhile, following the boot up, the scareware starts scanning the PC and shows alerts of a large number of contaminations on the system. But if the user tries to eliminate the supposed contaminations, the scareware prompts him to buy the program. Actually, every file it claims is infected is an authorized Windows file.
In addition Armorize states that since Goal.com gets more than 200,000 distinct visitors on a daily basis it maybe that probable victims count large in number as well as are widely varied. This is more so because the website provides material in 22 different dialects covering more than 200 nations.
Telling further by citing the above assault, the security company observes that at present drive-by download assaults represent a vital medium for distributing malware across the Web. Furthermore they're extremely hazardous since often they're wholly detectable to victims because they're executed via the hijacking of authentic websites, similar to the instance of Goal.com.
In the end, Armorize says that to remain safe, users must maintain all software on their systems, including the OS, up-to-date as well as keep anti-virus software enabled to scan all inbound traffic.
Related article: Galway City Councilor Victimized With E-Mail Fraud
» SPAMfighter News - 06-06-2011