funsec mailing list archives
Websense: Malcode Found on Mexican .Gov Website
From: "Fergie" <fergdawg () netzero net>
Date: Tue, 1 May 2007 22:02:15 GMT
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Yet another example on the threat landscape of a method for compromising end-systems which is growing at an alarming rate. Via Websense Security Labs. [snip] Websense® Security Labs has discovered malicious code hosted on a government body's official Web site. The victim is Comisión Federal de Telecomunicaciones, a division of Mexico's government (equivalent of the FCC in the United States). The main page of this Mexican government Web site does not contain anything malicious. However, when a user visits http://prospectiva.cft.gob.mx/, an .scr file is downloaded. After execution, the .scr file drops a suspiciously named executable into the Windows startup directory for all users. The executable downloaded from this government site is malicious. The newly-installed malware collects user information and sends it back to the original source of the executable. [snip] More: http://www.websense.com/securitylabs/alerts/alert.php?AlertID=772 - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.1 (Build 1012) wj8DBQFGN7jdq1pz9mNUZTMRAodyAKCscpNTpsIjWgnB08FXWrIumf73CgCbBfyz qHXo+/dI64pbFajHsIxqE/U= =trI3 -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Websense: Malcode Found on Mexican .Gov Website Fergie (May 01)
- Re: Websense: Malcode Found on Mexican .Gov Website Nick FitzGerald (May 01)