December 1, 2008 — (WEB HOST INDUSTRY REVIEW) — According to a report posted today by John E. Dunn of Techworld, Russian malware distributors succeeded in hacking the website of TV station CBS and using the site temporarily to distribute malware to the site’s visitors.
The story credits security company Finjan with reporting the breach. Russian malware distributors were reportedly able to compromise a sub-domain of the CBS.com main site, serving remote malware to visitors through an iFrame attack – the placing of a single pixel of content from a remote site in a compromised page.
According to the report, the vulnerability of users to the attack would depend on the security software they were running, as well as their operating systems and browsers.
Yuval Ben-Itzhak, CTO of Finjan told Techworld that the company has seen an increase in the use of code obfuscation as a means of bypassing “traditional signature-based solutions.”
Obfuscation, traditionally used in software programming to make reverse engineering difficult has gained traction in the malware world in the last several years as a means of “hiding” malicious code from the security programs that would seek to identify it.
According to Ben-Itzhak, the CBS case serves as an example of the fact that even the biggest websites can’t necessarily be relied upon to be free of malicious content, and he recommends that web users “exercise caution at all times.” There have been many recent examples of big-name sites compromised by iFrame and SQL injection attacks.
Techworld reports that Finjan had informed CBS of its site being compromised, but that the Russian exploit server had since been taken offline, leaving the attack inoperable for the time being.
About Liam Eagle
Liam Eagle has worked as a contributor to the Web Host Industry Review since its inception in 2000, and as editor since 2003. He has been editor of the WHIR's print magazine since its launch. His daily involvement in the gathering and reporting of Web hosting news and his regular interaction with Web hosting leaders gives him an uncommonly broad appreciation of the issues and tends facing the business. Through his WHIR blog, Liam spots Web hosting trends and offers opinions on the industry-wide impacts of major developments and the motivation behind big announcements. Follow him on Twitter @liameagle
No related posts.
