SecurityHome.eu WSLabs, Malicious Web site / Malicious Code: Syrian Embassy Of London Compromised

Home / mailings PDF

WSLabs, Malicious Web site / Malicious Code: Syrian Embassy Of London Compromised
Posted on 26 September 2007
Websense Security Lab
Websense® Security Labs(TM) has discovered that the official site of the Syrian Embassy in London has been compromised.

The site www.syrianembassy.co.uk contains three unique iframes that direct visitors to malicious Web sites. The iframes use various techniques to evade detection, including Javascript Obfuscation. The iframes point to hosts in the United States, Malaysia, and the Ukraine. The Mpack attack toolkit is hosted on one of these sites and attempts several exploits depending on OS, browser, and plugin versions. The end result is that two Trojan Downloaders are dropped on visitors' computers from two of the iframes.

For additional details and information on how to detect and prevent this type of attack:
http://www.websensesecuritylabs.com/alerts/alert.php?AlertID=806

TOP

Mailings :

[gentoo-announce] [ GLSA 202405-09 ] MediaInfo, MediaInfoLib: Multiple Vulnerabilities
[gentoo-announce] [ GLSA 202405-08 ] strongSwan: Multiple Vulnerabilities
[gentoo-announce] [ GLSA 202405-07 ] HTMLDOC: Multiple Vulnerabilities
[gentoo-announce] [ GLSA 202405-06 ] mujs: Multiple Vulnerabilities
[gentoo-announce] [ GLSA 202405-05 ] MPlayer: Multiple Vulnerabilities

Last 20

Exploits :

SOPlanning 1.52.00 Cross Site Scripting
SOPlanning 1.52.00 Cross Site Request Forgery
SOPlanning 1.52.00 SQL Injection
htmlLawed 1.2.5 Remote Command Execution
Online Tours And Travels Management System 1.0 SQL Injection

Last 20