CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
September 20th, 2009

Sections Of PBS.org Website Hijacked, Serving A Cocktail Of Dangerous Exploits

Some sections of the popular PBS.org Web site have been hijacked by hackers serving up a cocktail of dangerous exploits, according to researchers at Purewire. Attempts to access certain PBS Web site pages yielded JavaScript that serves exploits from a malicious domain via an iframe.

The malicious JavaScript was found on the “Curious George” page that provides content on the popular animation series. A look at the code on the hijacked site shows malicious activity coming from a third-party qxfcuc.info domain.

The domain qxfcuc.info is part of a malware campaign that includes tens of similar websites hosted off of a handful of common IP addresses. Similar exploit code was served from most of these domains, although a handful (e.g., yyoqny.info) display a message that suggests the criminal behind this campaign is compromising systems to build a botnet he will likely later lease. Translated from Russian, that message tells prospective leasers to “Send a message to ICQ #559156803; stats available under ststst02.”

The URL serves exploits that target a variety of software vulnerabilities, including those in Acrobat Reader (CVE-2008-2992, CVE-2009-0927, and CVE-2007-5659), AOL Radio AmpX (CVE-2007-6250), AOL SuperBuddy (CVE-2006-5820) and Apple QuickTime (CVE-2007-0015).

Purewire said the exploit site is part of a malware campaign that includes tens of similar Web sites hosted off of a handful of common IP addresses.

PBS.org has already removed the malicious javascript from its site.

Credit: ZDnet.com Security Blogs

Share this item with others:

More on CyberInsecure:
  • High-profile Advertiser Media-servers.net Website Hacked, Serving Exploits Cocktail
  • Unpatched Yahoo! Messenger Flaw Allows Status Updates Remote Hijacking
  • Hijacked High-Ranked Sites Serve Malicious, Illegal Content, Blacklisted By Google
  • Daily Mail Serves Malicious Ads, Readers Redirected To Malware Installing Server
  • Internet Explorer 0-day Malware Infects Amnesty International Hong Kong Website Visitors

    • Posted in Botnets, Breaches And Incidents, Hacked, Targeted Attacks | Print This Post Print This Post

    This entry was posted on Sunday, September 20th, 2009 at 6:25 am and is filed under Botnets, Breaches And Incidents, Hacked, Targeted Attacks. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Sections Of PBS.org Website Hijacked, Serving A Cocktail Of Dangerous Exploits

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « «
    » »