From the article:
When the log-in page fails, the end user is served an error page with malicious JavaScript that drags the user to a malicious domain where an attempt to exploit vulnerabilities on the user’s desktop applications is made, says Paul Royal, principal researcher at security firm Purewire.
The attacks includes attempts against known vulnerabilities in Acrobat Reader, an AOL ActiveX control, Apple QuickTime and others. There are patches to correct these application vulnerabilities but if the user hasn’t applied the patches, the exploit observed by Purewire at the PBS.org Web site could be successful in installing malicious code on the victim’s desktop computer.
The malicious domain -- qxfcuc.info -- was registered through registrar eNom, Royal says. The registrant’s identity is not public, perhaps because the registrant paid a $10 a year fee that is typically charged to keep identity private, he adds.
This latest attack is a good reminder that we not only need protection at work (by going through a fully protected corporate proxy with embedded URL and anti-malware protection), but also at home. For those of you wondering how you get enterprise class URL protection at home, a quick reminder that Blue Coat Systems offers a free client for home use available at http://www.getk9.com
No comments:
Post a Comment