The official website of the Nobel Peace Prize was compromised and used to serve an exploit targeting a zero-day vulnerability in Mozilla Firefox. On their blog, Mozilla has acknowledged the vulnerability and said they will issue a patch as soon as it has been tested. The said vulnerability causes a “drive-by download”, where a malicious file is downloaded and run without the user being aware of what happened.
The Nobel site appears to have been compromised with a malicious PHP Script, which we detect as JS_NINDYA.A. The exploit downloads a backdoor onto user systems, detected as BKDR_NINDYA.A. It connects to one of remote malicious servers, which is used by a cybercriminal to send various commands to the system. These commands include shutting down the affected system, as well as deleting all files on the system. [Date: 26 October 2010; Source: http://blog.trendmicro.com/firefox-zero-day-found-in-compromised-nobel-peace-prize-website/]
No comments:
Post a Comment