funsec mailing list archives
Websense: Samsung Telecom Site Hosting Crimeware
From: "Fergie" <fergdawg () netzero net>
Date: Wed, 6 Sep 2006 20:53:34 GMT
Just ran across this... [snip] Websense® Security Labs has received reports that the Samsung Telecom website is hosting malicious code. The site, which is hosted in the United States, has been hosting a number of directories and files which, when downloaded and run, install malicious code on end-users' machines. The server appears to have been compromised and has been hosting a variety of files for some time (the owners have been contacted). The most current code, which is still available for download, is a Trojan Horse that attempts to disable anti-virus programs, modify registry keys, download additional files, and log keystrokes when connecting to banking websites. Currently there is no exploit code on the website that attempts to trigger a download of the file without user interaction. The site is hosting and most likely distributing files to users who are lured through Instant Messaging or email links. [snip] More: http://www.websense.com/securitylabs/alerts/alert.php?AlertID=604 - ferg -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Websense: Samsung Telecom Site Hosting Crimeware Fergie (Sep 06)