Trojan Horse Found on Samsung Website
Internet security firm, Websense has found Samsung's Website in the US to presently host a keylogger Trojan horse. The Trojan is capable of disabling anti-virus software and commits theft of users' personal information like 'Internet banking security codes'. However, Internet users surfing the Website need not feel any danger because the Web server of Samsung has been brought under conditions in hosting malware and spreading it through e-mail or instant messages.
Although Samsung has been told about the problem but as of 8th September 2006 morning, Sydney time, the malicious code on the Website still exists, said Mr. Joel Camissar, country manager, Websense Australia.
An advisory of Websense related that the server was apparently compromised after it was hosting a variety of programs for some time. The most recent code is a Trojan horse still available for download. It tries to disable anti-virus programs, change registry keys, download more files, and read keystrokes when connected to online banking sites.
Camissar warned that there are chances for hackers who targeted Samsung's Web server to modify the company's Website. Therefore surfers can get their systems infected if they browse on the vulnerable Website.
Banks advise people not to trust links in unsolicited e-mails, and people follow that advice. People also tend to surf mostly trustworthy and branded sites. Since people are doing this i.e., going for trusted sites, hackers can make their objective successful by compromising particularly those sites.
Security experts have since long been recommending users to only believe the information and content of sites they know and can rely on. But hackers are also getting cunning with time. They are now targeting and attacking known sites. This puts many users at great risk as they are not likely to suspect the content they are downloading to be malicious. According to experts, incidents like the hacking of Samsung Website are rising. In connection to this 'Symantec Security Response' director David Cole alerted in his Web log that such attacks have started to appear in apparently gentle and safe websites.
Samsung has not commented on the flaw discussed above, so people await its reaction and planned action.
Related article: Trojans to Target VoIP in 2006
» SPAMfighter News - 15-09-2006