Daily cyber threats and internet security news: network security, online safety and latest security alerts
March 26th, 2009

Website Of Peugeot In Romania Compromised, Infecting Visitors With Malware

Websense Security Labs has discovered that the official Web site of Peugeot in Romania,, has been compromised and is infecting the machines of site visitors with malicious code. Peugeot is a major French car brand. Its parent company PSA Peugeot Citroën is the second largest carmaker in Europe, behind Volkswagen.

Malicious code has been inserted onto the reported page of the site via iframes. These iframes redirect to the pages of a different host that contains malicious obuscated JavaScript code that takes advantage of the MS Snapshot Viewer exploit (CVE-2008-2463), and the Adobe Reader PDF exploit (CVE-2007-5659).

The malicious iframes are leading to obfuscated malicious JavaScript code hosted on a .cn domain.

In the first half of 2008 more than 75 percent of the Web sites Websense classified as malicious were actually sites with seemingly “good” reputations that had been compromised by attackers. This represents a 50 percent increase from the second half of 2007. More than 45 percent of the top 100 most popular Web sites support user-generated content.

Share this item with others:

More on CyberInsecure:
  • Malaysian Kaspersky Antivirus Website Has Been Hacked In An SQL Injection Attack
  • Web Site Compromised, Infecting Site Visitors With Malicious Code
  • Authorities Shut Down Romanian ATM Skimmer Manufacturing Cybercriminal Ring
  • Parts Injected With Malware-Serving Code, Multiple Pages Including English Affected
  • Texas National Guard Website Remains Unavailable After Malware Infection

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Website Of Peugeot In Romania Compromised, Infecting Visitors With Malware

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.