Hacked BBC streaming websites serve up malware

Discussion in 'malware problems & news' started by Malcontent, Feb 15, 2011.

Thread Status:
Not open for further replies.
  1. Malcontent

    Malcontent Registered Member

    Joined:
    Dec 30, 2005
    Posts:
    451
    Location:
    Cleveland, Ohio USA
    http://www.theregister.co.uk/2011/02/15/bbc_driveby_download/
     
  2. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,196
    Location:
    Surrey, England.
  3. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    Thanks, Malcontent.

    Here is the latest Phoenix Kit as of February 4:

    Now Exploiting: Phoenix Exploit Kit Version 2.5
    http://blog.trendmicro.com/now-exploiting-phoenix-exploit-kit-version-2-5/

    It's amazing how these exploits are still snagging victims - two of the most successful target IE6 and have been patched, one in 2006:
    Code:
    IE MDAC CVE-2006-0003
    IE SnapShot Viewer ActiveX Vulnerability CVE-2008-2463
    Prevention against the binary executable is secured by SRP or anything similar that blocks unauthorized executables. Unfortunately, the common victims are not aware of such preventative measures.

    Nor are they likely to even know about such potential for contaminating web sites, which has been written about for at least 4 years...

    Regulars at Wilders are in a unique position to spread the word and help (those who will listen) with patches/security against such exploits.

    ----
    rich
     
Loading...
Thread Status:
Not open for further replies.