Results 1 to 10 of 694

Thread: SPAM frauds, fakes, and other MALWARE deliveries - archive

Threaded View

Previous Post Previous Post   Next Post Next Post
  1. #9
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Thumbs down Amnesty Int'l site serving Java exploits...

    FYI...

    Amnesty Int'l site serving Java exploits...
    - https://krebsonsecurity.com/2011/12/...-java-exploit/
    December 22, 2011 - "Amnesty International‘s homepage in the United Kingdom is currently serving malware that exploits a recently-patched vulnerability in Java. Security experts say the attack appears to be part of a nefarious scheme to target human rights workers... The site’s home page has been booby trapped with code that pulls a malicious script from an apparently hacked automobile site in Brazil. The car site serves a malicious Java applet that uses a public exploit to attack a dangerous Java flaw*... The site remains compromised..."

    - http://www.barracudalabs.com/wordpre...-on-activists/
    Comment: Emerson Povey @ amnesty.org.uk - December 23, 2011 - "... we have been working with our hosting service to resolve the issue. They have cleaned our servers, rebooted the system and removed the script from the default page. At 2pm today they confirmed that the problem is now fixed."

    - http://www.barracudalabs.com/wordpre...-on-activists/
    December 22, 2011 - "... compromised on or before Friday, December 16... Amnesty International UK has been notified... Java content (stolen from the Metasploit project), which targets CVE-2011-3544. If the exploit is successful, malware is installed on the visitor’s system..."
    VirusTotal Detections for Exploit
    ... a more up-to-date report (24/43) for this file:
    - https://www.virustotal.com/file-scan...3a8-1324550847
    File name: 542b24f1da13f0b1d647f3865b09e026bf00d4ef.bin
    Submission date: 2011-12-22 10:47:27 (UTC)
    Current status: finished
    Result: 24/43 (55.8%)
    VirusTotal Detections for Exploit Payload
    ... a more up-to-date report (22/43) for this file:
    - https://www.virustotal.com/file-scan...023-1324397991
    File name: f91dd927fd78a36176a68998304d70c8
    Submission date: 2011-12-20 16:19:51 (UTC)
    Result: 22/43 (51.2%)

    * http://web.nvd.nist.gov/view/vuln/de...=CVE-2011-3544
    Last revised: 11/24/2011
    CVSS v2 Base Score: 10.0 (HIGH)

    Current versions of Java here*:
    * http://www.oracle.com/technetwork/ja...ads/index.html

    Last edited by AplusWebMaster; 2012-01-16 at 18:55.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •