Friday, August 17, 2007

Websense: Indian Syndicate Bank Website Compromised


Via Websense Security Labs.

Websense® Security Labs™ has discovered that the official site for Indian Syndicate Bank (www.syndicatebank.in) was compromised with a malicious script that attempts to exploit multiple vulnerabilities. When customers visit the Web site, a malicious JavaScript file is executed and creates two additional iframes in the page.

The JavaScript [...] creates two new IFRAME elements within the page. One IFRAME attempts to load exploit code and the other creates several additional IFRAMEs that contain advertisement-related content. The exploit will try to load a Trojan Downloader which will contact a remote server to download the following Trojan Downloader and Backdoor.

The site appears to have been cleaned a few hours ago.

More here.

Image source: Websense Security Labs

0 Comments:

Post a Comment

<< Home