Hackers Jack Thousands of Sites, Including U.N. Domains

Gregg Keizer, Computerworld

Wednesday, April 23, 2008 5:00 PM PDT

How It Works

Although the malware-hosting domain has changed, it's located at a Chinese IP (Internet Protocol) address, just like the one used in March, Hubbard said. "It also looks like they're using just the one [hosting] site, but changing the link within the JavaScript," he added, talking about an obfuscation tactic that the attackers have used before.

When a visitor reaches one of the hacked sites, the malicious JavaScript loads a file from the malware-hosting server, then redirects the browser to a different page, also hosted on the Chinese server.

"Once loaded, the file attempts eight different exploits," noted the Websense warning, including one that hits a vulnerability in Internet Explorer's handling of Vector Markup Language (VML) that was patched in January 2007.

Another security researcher, Giorgio Maone, who also develops the Firefox add-on "NoScript," said late Wednesday that although the U.K.-based sites appeared to have been cleansed of the malicious JavaScript, the U.N. sites had not.

Maone also said "I told you so" in his blog post yesterday. In an August 2007 entry, he had said that rather than fixing the underlying security problems on the UN site, the agency had simply deployed a "pretty useless" firewall that masked the most obvious attack surface.

Even the disinfected sites, however, could fall victim again, Maone maintained. "The sad truth, though, is that even those 'clean' sites are still vulnerable, hence they could be reinfected at any time," he said.

"Web site owners have to start securing their code," Hubbard agreed.

Sponsored Resource:Are you ready for virtualization? Try the sever assessment tool.
Sponsored Resource:Learn more about ultra light notebooks from Asus and the best warranty in the industry.
Sponsored Resource:Thinking about a new Laptop? Lenovo has models to meet everyone's needs.
Sponsored Resource:Get the truth about remanufactured ink. Learn more from HP.
Sponsored Resource:Six smart ways to grow small business IT

Recommend this story?
Vote Yes
Vote No
0 Yes
0 No
Email
Comment

Community Comments

News For Your Business

More News

PC World's Marketplace

PC World's Free Whitepapers

Security News

Data Protection - August 20, 2008
Online Encyclopedia Lists Internal Network Security Threats A new online encyclopedia lists internal network security threats.
Security - August 19, 2008
Judge Dissolves Gag Order Against MIT Students A U.S. District court judge on Tuesday dissolved a gag order against a trio of MIT students who say they found flaws in the...
Data Protection - August 18, 2008
Data Security: What the Law Requires of IT IT's legal duty to secure sensitive data is complex and continuously evolving. Here's how to avoid the legal ramifications of a data breach.
Data Protection - August 18, 2008
Wells Fargo Access Codes Compromise Personal Data Thieves may have accessed personal data of as many as 7,000 of the bank's customers.

Latest Expert Blogs

Glenn Fleishman on Hardware - August 15, 2008 10:11 AM
Wake Me When You Need Me, Says Intel Intel's Remote Wake lets a computer listen intelligently for a signal to rouse from sleep mode and carry out an activity.
Neil McAllister on Software - August 19, 2008 6:04 PM
Microsoft Sends Up Trial Balloons for Windows 7 While Vista takes a beating in the press, Microsoft seems increasingly willing to disclose details of its forthcoming OS.
Erik Larkin on the Web - August 20, 2008 12:13 PM
Hulu's Streaming Shows Reel in Viewers The new free TV- and movie-streaming site jumped to eighth place among video sites in July, according to Nielsen.

All Blogs

Featured Resources

Premier Content From Our Sponsors

HP Ink Center You don't need a big budget to produce high quality marketing materials. Click here for more info...
CDW Virtualization Center What is Virtualization and how can it help you save money? Click here for more info...