Over 500k Microsoft webservers hacked
Apparently there are gamers in China who are planting trojans into Microsoft IIS servers with an exploit code that will steal game logins.
Hundreds of thousands of Web sites – including several at the United Nations and in the U.K. government — have been hacked recently and seeded with code that tries to exploit security flaws in Microsoft Windows to install malicious software on visitors’ machines.
On Thursday, Spanish anti-virus vendor Panda Security said that it had alerted Microsoft that a flaw IIS was the cause of all the break-ins. When I asked Microsoft whether they’d heard from Panda or if the hundreds of thousands of sites were hacked from a patched or unpatched flaw in IIS, a spokesman for the company didn’t offer much more information.
According to Finnish anti-virus maker F-Secure, the number of hacked Web pages serving up malicious software from this attack may be closer to half a million.
All of the hacked sites appear to have Javascript coding adding to their page source that silently pulls down malware from a few domains in China, namely nihaorr1.com, and haoliuliang.net.
[source: blog.washingtonpost.com]
So far three different domains have been used to host the malicious content — nmidahena.com, aspder.com and nihaorr1.com. There’s a set of files that gets loaded from these sites that attempts to use different exploits to install an online gaming trojan. Right now the initial exploit page on all domains are unaccessible but that could change. So if you’re a firewall administrator we recommend you to block access to them.
[source: f-secure.com]
For readers of Tambayan.ph, don’t worry coz this site is hosted on a Linux server.
[via geeksaresexy.net]
Popularity: 6% [?]
Tambayan.ph provides important news regarding (or related to) the Philippines. The site also features gadgets, technology news, interesting websites, online games, and much more.