| Googlepages downloads Trojan |
|
|
|
| Monday, 19 June 2006 | ||||
|
According to the article the malware contains a banking information stealing component that captures user banking credentals and keylogger components. Accordingly it appears that this was caught before any infections could begin. At the current time we are unaware if the hacker is using a browser vulnerability to trigger the attack, or was a prelude to phishing attacks using Google's trusted domain to lure users into clicking and downloading the Trojan file. This goes to show that more and more attacks are possible via web-interfaces rather than attacks directly on the services itself, which in this case was the likely avenue of attack and placement of this malware. We can only speculate that this trend will continue with the adoption of newer technologies like AJAX / SOAP which shifts much of a web sites code to the client ( users ) browser.
Powered by a Zone-H(ified) version of AkoComment 3.0! DISCLAIMER: Forum postings are the opinion of the posting author alone, and should not be taken as the opinion of Zone-h. The author is entirely and solely responsible for all content that he/she uploads, posts, or otherwise transmits via the website. Zone-h is not responsible for such content. However, Zone-h shall have the right, but not the obligation, to delete, move, or edit any content that violates this agreement or is otherwise objectionable as determined by Zone-h in its sole discretion and without notice. |
||||
Today security company Websense is reporting conformation that a site hosting Googlepages contains malicious code. 
| < Prev | Next > |
|---|
