Malware Attack Against Red Cross Website

Zscaler the security software company, during the 2nd week of August 2010, unveiled a fresh campaign which spread malicious software against the Red Cross of Serbia. Stated Zscaler, without wasting any time, it informed the Red Cross of Serbia about the new online assault.

Evidently, during the attack, a malevolent JavaScript code, hxxp://obscurewax.ru/Kbps.js was inserted inside the main page of the charitable organization's website. Presently, the majority of anti-virus companies have blocked the site's access to online users. However, even before the malware was intercepted, it could have contaminated end-users' computers for theft of personal information as well as for proliferating still more malware along with spam.

Incidentally, if an online search is done on Google via the domain namely obscurewax.ru, it becomes evident that other attacks have been executed via this domain. That's because victims of the attacks are found to discuss the same type of inserted script on different forums, while the same type of malicious programs have been given to experts for analysis.

Said Pradeep Kulkarni, security researcher at Zscaler, despite the malicious script not getting delivered any more, there could be a chance that the security flaw which helped in the assault hadn't still been patched; therefore more contaminations could take place. There was also the possibility of the prevailing malware reactivating itself, he speculated. Internetsecurity.com published this on August 13, 2010.

Kulkarni further stated that the attack demonstrated cyber-criminals' latest victory while they increasingly put additional efforts towards infiltrating people's computers and seizing crucial information. Previously during the 2nd week of August 2010, McAfee released its Q2-2010 Threats Report, according to which, more malicious programs were found and designed during H1-2010 in comparison to any other half-year period on record.

Furthermore, as per the McAfee researchers, over 10m new malicious programs were identified during H1-2010 and over 6m malicious attachments, web-links or websites were uncovered during April-June 2010 alone.

Meanwhile, hackers attacked another Red Cross website back in March 2010 when they hit the American Red Cross East Shoreline Chapter with a malware scam wherein iframe insertions were utilized for contaminating pages with malevolent links and code.

Related article: Malware Authors Turn More Insidious

» SPAMfighter News - 8/21/2010