Website Of Peugeot In Romania Peugeot.com.ro Compromised, Infecting Visitors With Malware
Websense Security Labs has discovered that the official Web site of Peugeot in Romania, peugeot.com.ro, has been compromised and is infecting the machines of site visitors with malicious code. Peugeot is a major French car brand. Its parent company PSA Peugeot Citroën is the second largest carmaker in Europe, behind Volkswagen.
Malicious code has been inserted onto the reported page of the site via iframes. These iframes redirect to the pages of a different host that contains malicious obuscated JavaScript code that takes advantage of the MS Snapshot Viewer exploit (CVE-2008-2463), and the Adobe Reader PDF exploit (CVE-2007-5659).
The malicious iframes are leading to obfuscated malicious JavaScript code hosted on a .cn domain.
In the first half of 2008 more than 75 percent of the Web sites Websense classified as malicious were actually sites with seemingly “good” reputations that had been compromised by attackers. This represents a 50 percent increase from the second half of 2007. More than 45 percent of the top 100 most popular Web sites support user-generated content.
More on CyberInsecure:
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.