Cybercriminals Hack Free Beacon Website Hampering the NSA Data Leak Story
UPDATE! (06/11/13) 13PM EST
The Washington Free Beacon has contacted SPAMfighter to inform us that they have addressed the issue and their site is now perfectly safe to visit.
Nowadays, most media organizations are in hurry to publish stories linked to the latest NSA (National security agency) data leak incident. Cybercriminals have begun to exploiting it for malicious operations with the prediction of its significance, as per the security experts at security firm Invincea, which first recognized the Free Beacon Breach.
But, in the recent case, they are not sending out spam emails that include links which seems to show NSA-linked stories. Instead they have compromised the genuine site of The Washington Free Beacon, (freebeacon[dot]com) , and modified the news article about the NSA discloser which could lead Internauts to a Java-based malicious exploit kit.
Together with the NSA discloser article, cyber crooks have injected malicious Java script code into many web pages, along with the index page.
Visitors to the website, which security experts suggest you shouldn't visit till it is rectified, are diverted to a domain which hosts the Fiesta Exploit toolkit. The exploit kit looks for the victim's machine for Java flaws that it leverage to push malicious software.
Along with Zeroaccess root kit, the Free Beacon campaign is infecting users also with scareware. Zeroaccess is an active P2P or peer-to peer botnet, which has been molded into many commercial exploit toolkits including the infamous Blackhole. The malware makes contact requests to many commands and controls servers, from the source where extra virus is loaded onto victim's machines.
Speaking with reference to news of the security breach, Steve Ward, Vice President of Invincea, said, "There seems to be this rigorous effort by cyber crooks to take over news sites," reported freebeacon.com on June 11, 2013. He further said that these particular attacks appear to have been carried out by criminals rather than by state actors such as China.
The Invincea researchers not only requested users to run the antivirus solution so as to be protected from such attack campaigns, but also noted that fixing Java to the latest version (if possible) may be the user's only (temporary) protection.
The attack on the Free Beacon is same as to cyber attacks carried out against a number of other Washington, D.C.-based media outlets, containing radio station WTOP, Federal News Radio and the site of technology blogger John Dvorak.
» SPAMfighter News - 17-06-2013