Attack on over half a million Web pages worldwide.

Trend Micro has identified over half a million Web pages that have been compromised by a Web attack. Affected websites are injected with a malware script (JS_SMALL.QT) resulting from a poor PHP Bulletin Board (aka phpBB, a popular Internet forum software programme) implementation. Upon visiting affected websites, visitors are infected with a variant of the ZLOB family (TROJ_ZLOB.CCW), which poses as a video codec installer.

When users download the purported video codecs, they are actually downloading several Trojan horse programmes: TROJ_DNSCHANG.CS, TROJ_ALUREON.AE, TROJ_ALUREON.AH and TROJ_ALUREON.AI. These types of Trojans are known for changing an affected system's DNS server and Internet browser settings, thus making the system vulnerable to additional threats.

Many of the websites have already been compromised with fake pharmaceutical and pornographic spam. It appears that the first infection occurred in February 2008. The infections appear to have been carried out in forums and guest books. The original forum and guest book pages are now inaccessible, as they redirect visitors to a porn site to download the fake video codec. The malware is hosted on servers located in Columbus (OH), Concord (CA) and Moscow.

This attack is potentially the work of a Russian/Ukrainian criminal gang that has initiated previous ZLOB attacks over the course of the past year.