Archive for the ‘eleonore’ Tag

Moneycontrol.com hacked: Websense   1 comment

India’s financial website Moneycontrol.com was hacked last week, as unknown hackers inserted a malicious code inside the website’s pages, making visitors to it vulnerable, US based cyber security firm Websense Security Labs said in its security alerts released on Tuesday.

According to the San Diego based Websense, the main Indian site of Moneycontrol.com was compromised and injected with malicious code on November 6, 2010. The injected code redirected users to an exploit website. “Once a user visited the Moneycontrol.com, the malicious code took the user’s browser quietly to an exploit website http://www.Brenz.pl – in a typical “drive-by” attack. Brenz.pl is an exploit site pre-loaded with an exploit kit called Eleonore,” says Websense Labs Senior Researcher Elad Sharf.

Exploit kits contain malicious programs which can be downloaded to infect a particular computer. “A list of exploits are delivered to the user’s browser once Brenz.pl is visited and any successful attempt of exploitation results with the user being infected with a Trojan called Virut,” Mr Sharf adds. Virut is a file infector that targets .exe and .scr files, extensions used for applications and scripts respectively. The site was cleaned up the next day.

Active injected codes can potentially impact a site’s performance. When a website is injected with code that leads to an exploit site, visitors generally experience hanged or slow browsers, and often a a browser crash, as well, says Sharf.

Eleonore on the other hand has potential to exploit common vulnerabilities in applications like Adobe Reader, Mozilla Firefox and Internet Explorer.

According to CERT-in, India’s Computer Emergency Response Team at Ministry of IT, SQL injection attacks are on the rise. Such an attack is designed to inject an iframe into the website source which will force visitors to download a javascript file, says CERT-in. Many websites have been found infected with such scripts. After successful exploitation, malware such as Trojans are downloaded to the user’s system, says the agency. It advises caution even while visiting trusted websites.

Posted November 11, 2010 by Rajesh_Gandhi in computer virus, cornficker, india, money

Tagged with , , , , ,

Follow

Get every new post delivered to your Inbox.

Join 129 other followers