A currency trading web site was compromised and used to serve malicious java applications to unwitting visitors, according to researchers at the security firm Websense- part of what might be a larger trend. Websense said in a blog post on Wednesday that the site tradingforex.com, which is used by foreign currency traders, was infected with a malicious Java applet that, when installed, key logging and screen capture software. Tradingforex.com (@Tradingforexxx) is a Cyprus-based online trading web site. It allows individuals to trade on the global foreign exchange market (or Forex). Users can trade everything from foreign currencies to precious metals, commodities and other financial instruments. According to an investigation by Websense researcher Gianluca Giuliani, the site was pushing a back door program to visitors using a malicious Java plugin to exploit known Java vulnerabilities on the victims’ computers. Further investigation by Websense and Giuliani revealed that the malware being pushed […]
Tag: hacking
Chrome 0Day A No-Show At Security Con
A planned talk that was to unveil a new and previously unknown (or “zero day”) vulnerability in Google’s Chrome web browser was cancelled on Saturday after the researcher, Ucha Gobejishvili, backed out, citing difficulties obtaining a visa to travel to New Dehli, India, where the Malcon hacking conference was held. The organizer of Malcon, Rajshekhar Murthy, confirmed in an email to Security Ledger that Gobejishvili cancelled his talk at the last minute. “(Ucha) did not come at (sp) the conference due to visa issues in the last minute,” Rajshekhar Murthy wrote in an e-mail to Security Ledger on Monday. “The issue stated was he was called in last minute (sp) by the military for compulsory service which conflicted with our event dates.” Gobejishvili did not respond to e-mail and instant message requests for comment. In a conversation with Security Ledger last week, he said he would use his talk at […]
Questions, Doubts greet Researcher’s Claim to have Chrome Zero Day
Google says that it will wait to see what transpires at a New Delhi hacking conference this week before responding to a researcher’s claim that he has discovered a remotely exploitable vulnerability in its Chrome web browser. Speaking with Security Ledger, Google spokeswoman Jessica Kositz said that the company was aware of claims by Georgian researcher Ucha Gobejishvili that he has discovered a previously unknown (zero day) security hole in Chrome and will demonstrate it at this week’s MalCon hacking conference. Gobejishvili described the security hole in Chrome as a “critical vulnerability.” “It has silent and automatically (sp) download function…and it works on all Windows systems” he told Security Ledger in an online chat session. While the Tbilisi-based researcher won’t say much about the hole, he told Security Ledger that he discovered it in July. The vulnerability is in a DLL (dynamic link library) that is part of the browser […]
Are Security Firms Ducking Attribution for VOHO? (Rhymes with ‘Carolina’)
RSA left few stones unturned in its recent report (PDF) on the so-called “VOHO” attacks against pro democracy, military industrial base and high finance firms. But one question that was notably left unanswered was perhaps the most important: “Who, or what, was behind the attacks?” Now the lead RSA security researcher trusted with analyzing the malware used in recent “watering hole” attacks tells Security Ledger that the malware left some clues as to the origins of the attacks, which affected tens of thousands of systems in more than 700 organizations, but not enough to conclusively link VOHO to a specific group, country or actor. “It’s hard to tell,” said Chris Elisan, a Principal Malware Scientist at RSA and the lead investigator into the malware used in the VOHO attacks. “The malware is only part of it,” he said. Other parts of what Elisan called the “attack chain” are needed to identify […]
Microsoft: Freeware, Pirate Software Supply Chain Leads to Infections
The Internet is a dangerous place, in general. And, depending on what you’re looking for online, it might be very dangerous, indeed, according to Microsoft. Writing in the company’s latest Security Intelligence Report, Microsoft said that its Malware Protection Center (MMPC) has observed an increase in malicious code infections that emanate from what it calls the “unsecure supply chain” – the informal network of legitimate and underground web sites that distribute freeware and pirated software. Freeware that promises to generate registration keys for popular products like Adobe’s Photoshop, Microsoft Windows and games such as Call of Duty were among the most commonly associated with malicious programs, Microsoft said. Internet users hoping to unlock pirated software download the key generators believing that they will produce a valid registration key, but often end up infecting their system in the process. But malware authors and cyber criminal groups will also wrap their creations in with […]
