Websense: Samsung Telecom Site Hosting Crimeware
Via Websense Security Labs Alerts.
Websense® Security Labs™ has received reports that the Samsung Telecom website is hosting malicious code. The site, which is hosted in the United States, has been hosting a number of directories and files which, when downloaded and run, install malicious code on end-users' machines.More here.
The server appears to have been compromised and has been hosting a variety of files for some time (the owners have been contacted).
The most current code, which is still available for download, is a Trojan Horse that attempts to disable anti-virus programs, modify registry keys, download additional files, and log keystrokes when connecting to banking websites.
Currently there is no exploit code on the website that attempts to trigger a download of the file without user interaction. The site is hosting and most likely distributing files to users who are lured through Instant Messaging or email links.
posted by Fergie @ 9/06/2006 01:55:00 PM
0 Comments:
Post a Comment
<< Home