Cryptome.org, a website very similar to Wikileaks, was breached, the cybercriminals placing an attack script on each of its pages with the purpose of infecting computers to make them part of a botnet.
F-Secure’s Mikko Hypponen
informs that the script used the Blackhole toolkit to find vulnerabilities in the computers owned by the affected site's visitors.
A closer inspection revealed that the malicious script incorporated a clever mechanism to avoid being blacklisted by Google. To achieve this result, the script didn’t target the IP addresses of visitors that originate from Google.
According to
Cryptome administrators, the site was breached on February 8, around 6,000 files being altered to host the ill-intended script.
At the time of writing the website is online, but not all the pages may work until the infected files are replaced with
clean ones.
Find us on Google+
No user comments yet.
Be the first to express your opinion!
