Hacked Turkish Government Website Used to Distribute Malware

The threat is disguised as a DivX plugin hosted on a Facebook page

By Eduard Kovacs on October 10th, 2013 07:49 GMT

Another Turkish government website has been hacked. However, this time, hacktivists have nothing to do with it.

According to Webroot, a website of Turkey’s Ministry of National Education, manisahem.gov.tr, has been compromised and set up to serve a piece of malware disguised as a DivX plugin.

The malware is hosted on a page called “giorgia.html” that’s designed to replicate Facebook. Here, users are instructed to download a DivX plugin in order to view a video. The computers of Internauts who download the malware automatically join a botnet operated by cybercriminals.

At the time of writing, the malicious page is still present on the Turkish government website. On the other hand, more and more antivirus applications are starting to detect the malware.

The best way to protect yourself against such threats is to avoid downloading files from untrusted websites. Also, make sure an antivirus is running on your computer, since in most cases, it will block the attack.

Even if certain pieces of malware are not detected based on their signatures, modern antivirus applications are capable of identifying a threat based on its behavior.
Fake Facebook page serves malware disguised as DivX plugin
   Fake Facebook page serves malware disguised as DivX plugin
MORE ON THIS TOPIC
LATEST NEWS
HOT RIGHT NOW

Comments