funsec mailing list archives
Re: Websense: Malcode Found on Mexican .Gov Website
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Wed, 02 May 2007 13:03:56 +1200
Fergie wrote:
Websense® Security Labs¢ has discovered malicious code hosted on a government body's official Web site. The victim is Comisión Federal de Telecomunicaciones, a division of Mexico's government (equivalent of the FCC in the United States). The main page of this Mexican government Web site does not contain anything malicious. However, when a user visits http://prospectiva.cft.gob.mx/, an .scr file is downloaded. After execution, the .scr file drops a suspiciously named executable into the Windows startup directory for all users.
Not the first time this site was hit recently either -- in fact, the currently cached copy of their home page at Google is a case in point... http://64.233.167.104/search?q=cache:VIj_u3bldEAJ:prospectiva.cft.gob.mx /indexcakal.html+http://prospectiva.cft.gob.mx/ Regards, Nick FitzGerald _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Websense: Malcode Found on Mexican .Gov Website Fergie (May 01)
- Re: Websense: Malcode Found on Mexican .Gov Website Nick FitzGerald (May 01)