Chinese Internet Security Response Team Website Hosting Malicious Content - UPDATE
A recent post by the team at the Chinese Internet Security Response Team to their English-language site indicates that some of the site visitors are experiencing an attack from the CISRT.org site as a result of an injected IFRAME tag.More here.
Injected IFRAME tags are not a new means of using legitimate sites to launch attacks on unsuspecting users, with a recent notable case being the Bank of India hack. What is different in this case is that the hack is only being served to seemingly random site visitors.
Note: I'm wondering if it is still hosting malicious content -- there is a lot of embedded JavaScript at that site that I just don't have time right now to examine in more detail. It is my opinion that a CERT/CSIRT webpage shouldn't be a JavaScript minefield. -ferg
Update: 12:45 PDT: WARNING: Yes, the site is still hosting malicious content at this time.
posted by Fergie @ 10/02/2007 10:47:00 AM
0 Comments:
Post a Comment
<< Home