Tuesday, May 01, 2007

Websense: Malcode Found on Mexican .Gov Website

Image source: Websense


Via Websense Security Labs.

Websense® Security Labs™ has discovered malicious code hosted on a government body's official Web site. The victim is Comisión Federal de Telecomunicaciones, a division of Mexico's government (equivalent of the FCC in the United States).

The main page of this Mexican government Web site does not contain anything malicious. However, when a user visits http://prospectiva.cft.gob.mx/, an .scr file is downloaded. After execution, the .scr file drops a suspiciously named executable into the Windows startup directory for all users.

The executable downloaded from this government site is malicious. The newly-installed malware collects user information and sends it back to the original source of the executable.

More here.

Note: Yet another example on the threat landscape of a method for compromising end-systems which is growing at an alarming rate. - ferg

0 Comments:

Post a Comment

<< Home