funsec mailing list archives
Attacks on Unpatched IE Flaw Escalate
From: "Richard M. Smith" <rms () bsf-llc com>
Date: Mon, 27 Mar 2006 13:38:42 -0500
http://blog.washingtonpost.com/securityfix/2006/03/attacks_on_internet_explo rer_f_1.html Attacks on Unpatched IE Flaw Escalate More than 200 Web sites -- many of them belonging to legitimate businesses -- have been hacked and seeded with code that tries to take advantage of a unpatched security hole in Microsoft's Internet Explorer Web browser to install hostile code on Windows computers when users merely visit the sites. ... According to a list obtained by Security Fix, hackers have infected at least 200 sites, many of which you would not normally expect to associate with such attacks (i.e., porn and pirated-software vendors). Among the victims are a regional business council in Connecticut, a couple of vacation resorts in Florida, a travel-reservation site, an online business consultancy, an insurance company, and a site featuring things to do at various cities across the country. On Friday, hackers broke into the Web site of shipping company DLPromotionFreight.com and planted code that attempted to use the flaw to steal user names and passwords stored by IE. Yaniv Zahavi, chief technology officer for Intermakers Inc., the Plantation, Fla., company that manages the site, said it appears that only a handful of customers browsed the site during the few hours the attack code was present. Security Fix learned the location of one Web site being used as a virtual drop box for user name and password data stolen from people who'd visited the network of hacked sites (the SANS Internet Storm Center has a great post detailing exactly what one of these data-dump reports looks like). One of those victims was Abdel Marriez, a truck driver from Astoria, N.Y. The malicious program stole credit card information and credentials he used to access his e-mail online. ... _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Attacks on Unpatched IE Flaw Escalate Richard M. Smith (Mar 27)