Home / mailingsPDF  

WSLabs, Malicious Web site / Malicious Code: UN Asia Pacific AIDS/HIV site compromise

Posted on 28 August 2007
Websense Security Lab

Websense® Security Labs(TM) has discovered that the United Nations' HIV/AIDS portal for Asia Pacific was compromised with a malicious script that attempts to exploit multiple vulnerabilities. When the Web site is visited, a malicious JavaScript file (e.js) is executed and creates two additional iframes in the page. Site visitors infected with this malicious code will have a Trojan downloaded and backdoor installed on their desktops.

We believe that these are the same perpetrators behind two similar compromises, one of a prominent bank in India and the other of a large industry organization Web site. Websense Security Labs discovered and reported on both of these incidents earlier.

Websense users with Websense Web Security Suite are protected from connecting to the sites hosting the malicious payload.


For additional details and information on how to detect and prevent this type of attack:
http://www.websensesecuritylabs.com/alerts/alert.php?AlertID=800

 

TOP