According to Sophos, the malware is embedded at the bottom of the Laoairlines.com web page in invisible java script code.
Users who simply embark on the site will automatically be redirected to another site in China which then attempts to run an exploit and download an executable.
Sean Richmond, senior technology consultant at Sophos A/NZ, said the download will just happen on its own without any interaction with the page.
“If you’re using Internet Explorer it will just lead you off to the malicious site,” he said. “It’s an indicator of how pervasive this rubbish is becoming. Lao Airlines have become victims and we’re communicating with their IT department at the moment through our Singapore offices.”
Richmond added that travellers looking for cheap travel to Asia should make certain their computer is up to date with anti-virus software and patches.
"You can’t assume it’s going to be cool, you have to make sure you are protected," Richmond said.
Malware found on LaoAirlines.com, travellers beware of other sites
By Negar Salek on Nov 23, 2007 11:23AM