Re: Websense: Malcode Found on Mexican .Gov Website

[Nick FitzGerald <nick () virus-l demon co uk>]

Fergie wrote:

> Websense® Security Labs¢ has discovered malicious code hosted on a
> government body's official Web site. The victim is Comisión Federal de
> Telecomunicaciones, a division of Mexico's government (equivalent of the
> FCC in the United States).
>
> The main page of this Mexican government Web site does not contain anything
> malicious. However, when a user visits http://prospectiva.cft.gob.mx/, an
> .scr file is downloaded. After execution, the .scr file drops a
> suspiciously named executable into the Windows startup directory for all
> users.

Not the first time this site was hit recently either -- in fact, the 
currently cached copy of their home page at Google is a case in 
point...

http://64.233.167.104/search?q=cache:VIj_u3bldEAJ:prospectiva.cft.gob.mx
/indexcakal.html+http://prospectiva.cft.gob.mx/



Regards,

Nick FitzGerald


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.