Sunday, March 09, 2008

2007 Bloggies Website Compromised: Serving Up IcePack Exploits


The website of the Annual Weblog Awards, nicknamed the Bloggies, appears to have been hacked on the eve of the award ceremony at the South By Southwest Interactive Festival.

The 2008 Bloggies nominees website and that of the awards' creator Nikolai Nolan have been taken down after an apparent security breach.

Pages for Bloggies nominees in previous years, hosted on the same domain, were still online last night but contained malicious content that downloaded automatically upon being loaded.

A scan of the 2007 Bloggies page using the online security tool LinkScanner revealed links to exploit software and advised users not to visit the address even if they thought their internet browser was secure.

More here.

Note: The screenshot above of the 2007 Bloggies Webpage was taken about 1/2 hour ago -- you can see the NoScript block icons indicating the embedded iFrame, which would attempt to load an exploit from a third-party server (located in Telekom Malaysia) running an IcePack exploit engine. -ferg


Post a Comment

<< Home