Blog Compromised Malware Injected

Monday, March 18, 2013 @ 06:03 PM gHale


A blog from hard disk drive manufacturer Seagate suffered a compromise that contains malicious iFrame injections that redirect users to websites hosting the Blackhole exploit kit, researchers said.

Even though Seagate spotted the compromise late last month, the company has still not reacted and cleaned the blog, said researchers at Sophos.

RELATED STORIES
Spear Phishing Takes it Up a Notch
APT Disconnect Means Poor Defense
‘Trust’ Risk Losses Soaring
Attacks Spreading to Other Industries

“I suspect that many webmasters fail to see the problem themselves and dismiss abuse reports as a result. Which is understandable, as reproducing the problem can certainly be tricky,” said Sophos’ Paul Baccas.

“It would seem that certain checks are done by the malicious Apache module, meaning that the malicious iFrame is only injected into outbound HTML/JS content when certain conditions are met.”



Leave a Reply

You must be logged in to post a comment.