USNCVA - Now Read This

NOW READ THIS
("Security Advisory")

Go Back

Submitted by: Bill Hickey
NCVA List Master

NRT-0388 AntiVirus Company's Web Site Downloads a Virus:

Security researchers said the web site for Indian antivirus vendor AvSoft Technologies has been hacked and is being used to install malicious software on visitors' computers. The download section of AvSoft's S-cop web site hosts the malicious code, according to the chief research officer with security vendor AVG. "They let one of their pages get hit by an iFrame injection," he said. "It shows that anyone can be a victim ... It's hard to protect web servers properly." The technque used on the site has been seen in thousands of similar hacks over the past few months. The attackers open an invisible iFrame Window within the victim's browser, which redirects the client to another server. That server, in turn, launches attack code that attempts to install malicious software on the victim's computer. The malicious software is a variant of the Virut virus family. Fortunately, the malware used to install Virut exploits only well-known bugs, meaning that users who are running antivirus software on fully patched systems will probably not be infected by the attack in its current state, security experts say. Nobody knows how the malware got onto the web site in the first place. News of the hack was reported on the Full Disclosure security discussion list on Thursday.

(IDG News Service 07FEB08)

Last Modified: Sunday, 17-Feb-2008 13:47:26 EST

NOW READ THIS ("Security Advisory")

NRT-0388 AntiVirus Company's Web Site Downloads a Virus:

NOW READ THIS
("Security Advisory")