Go to the Softpedia homepage


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
Home / News / Security / Incidents

Incidents

New York Jets Fansite Drops Yahoo Webcam Vulnerability Exploit

One more website distributing malware

By Bogdan Popa, Security and Search Engines Editor

7th of January 2008, 19:06 GMT

Adjust text size:


Don't visit the website unless you're protected!
Enlarge picture
Yet another web attack targeting the visitors of a very popular website and the vulnerabilities discovered on their computers. This time, the affected page is a New York Jets fansite, which obviously has a lot of visitors every day. Just like the past attacks, the website has been compromised with an embedded Iframe that attempts to take the visitors on another website, apparently hosted in Estonia.

"First, the iFrame (or an obfuscated JavaScript iFrame) contains a redirect to another website
hosting FirePack engine infection (we have also seen it loop through an intermediary redirect first), which then checks for the browser being used (MS-IE/Firefox/Opera) by the unwitting user", Paul Ferguson of Trend Micro wrote on the security company's blog.

FirePack contains several exploits for recent vulnerabilities reported in multiple software solutions, like Yahoo Messenger or Windows Media Player. Using these exploits, the attackers attempt to deploy a piece of malware on the vulnerable systems. "This malware creates one of the infamous NTOS.exe or WSNPOEM variants in the infected system - and their purpose is but for one reason, and one reason only: information theft", the Trend Micro official added.

Here are the software vulnerabilities which are currently exploited by FirePack and which may support the installation of the malware on your computer:

- Vulnerability in Microsoft XML Core Services Allows Remote Code Execution (MS06-071);
- Yahoo Webcam vulnerability;
- Microsoft Internet Explorer CreateTextRange Remote Code Execution Vulnerability (MS06-13);
- Windows Media Player Plug-In EMBED Overflow Universal Exploit (MS06-006);
- Vulnerability in Vector Markup Language Could Allow Remote Code Execution (MS07-004);
- Also, an Opera 0day 9.0-9.2 vulnerability released in October 2007!

If you're afraid that you may be one of the vulnerable users, you should apply the latest patches for your operating system / software applications, in order to be sure there is no vulnerability to be exploited by these dangerous people.

TAGS:

 new york jets | security | iframe | malware


Rating:
Fair (2.6/5) 5 vote(s) so far    

Read by 656 user(s) | Add comment | Link to this article
Subscribe to news | Print article | Send to friend

© Copyright 2001-2008 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


Naked Angelina Jolie Pictures Hit Inboxes

The Web Could Bring Companies Down!

Avast Forum Hacked, Users at Risk!

Google Available in a Language Near You

Installing Wordpress on IIS7

User opinions:

No user comments yet.
Be the first to express your opinion using the form below!

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 






SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and the Softpedia™ logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive