Malware Attacks Visitors of FireEye's Security Careers Website
Investigators from the security company FireEye detected an online manipulation during the second weekend of September 2013, in which a cyber-attack against a renowned open-source video player led to almost 200 infections as well as a successful hack of FireEye's careers website, CRN reported on September 16, 2013.
The security firm stated that almost 50 people visiting its careers site identified the attack, which a third-party advertiser carried out. Darien Kindlund, Manager of Threat Intelligence at FireEye, stated that the attackers used the Darkleech exploit kit (which targets Apache web servers and turns the websites hosted on them into malware-distribution platforms) to deliver Reveton ransomware in a financially motivated scam designed to steal account credentials and other data, CRN reported.
Kindlund elaborated that FireEye's IT operations group, its internal security team and its third-party partners quickly investigated and determined that the malware was not hosted directly on any of the company's websites; instead, it was pushed through a third-party advertiser, also known as 'malvertisement', which was linked through a third-party web service used by FireEye. The IT group then acted, together with the company's partners, to immediately remove the links to the malware so that its website visitors would be protected, he said. Fireeye.com published this on September 14, 2013.
Researchers discovered that the attack was not a targeted one, nor was it a watering-hole attack. Rather, it appeared to be a recent wave of the Darkleech malware campaign, which attacked third-party Horde/IMP Plesk webmail servers and served as a means of delivering Java exploits that eventually loaded yet another instance of Reveton, while more anti-virus products detected it as Trojan ZeuS.
Josh Gomez, a malware research engineer at FireEye, described the attack as an improvement over the conventional Darkleech campaign, one that redirected end users to malware-laced sites through several stages. V3.co.uk published this on September 17, 2013.
The expert stated that the latest attack could cause problems for businesses, since the infection method could get past several conventional online defenses and could be used to distribute many more malicious programs if combined with the BlackHole attack toolkit or similar tools.
» SPAMfighter News - 26-09-2013