UN AIDS site target of new 'vulnerability scan' attack

By
Follow google news

Hackers compromise a United Nations’ Asia Pacific AIDS information site using an emerging malicious technique which scans for multiple vulnerabilities.

UN AIDS site target of new 'vulnerability scan' attack
Researchers at Websense have warned that the ‘Youandaids HIV/AIDS portal for Asia Pacific’ - a division of the UN AIDS initiative became the target of new hacker technique yesterday.

The method scans for multiple un-patched Microsoft vulnerabilities in an aim to install a back-door Trojan, according to Joel Camissar managing director A/NZ at Websense.

“Rather than looking for one exploit – which is the norm - it looks for several and hones in on one to then install a Trojan horse,” said Camissar.

“When the Web site is visited, a malicious JavaScript file (e.js) is executed. Site visitors infected with this malicious code will have a Trojan downloaded and backdoor installed on their desktops,” according to a Websense advisory.

First discovered on 17th August, the technique was used to attack a prominent Indian bank and a US biotechnology company, said Camissar.

“And this campaign is hosted by the same group,” he added.
Got a news tip for our journalists? Share it with us anonymously here.
Tags:
aidsattackemergingofscansecuritysitetargetunvulnerability

Sponsored Whitepapers

The cloud tipping point
The cloud tipping point
How AI will deliver real business value
How AI will deliver real business value
The multicloud imperative
The multicloud imperative
Your multicloud advantage
Your multicloud advantage
The business value of Oracle Autonomous Database
The business value of Oracle Autonomous Database

Events

Most Read Articles

WA man jailed for at least five years for evil twin attack

WA man jailed for at least five years for evil twin attack
Home Affairs to unleash AI on sensitive government data

Home Affairs to unleash AI on sensitive government data
Watt flags more fed insourcing after BoM website outrage

Watt flags more fed insourcing after BoM website outrage
ASX outage caused by security software upgrade

ASX outage caused by security software upgrade
techpartner.news logo
Sydney-based AI-cloud waste startup raises $3m
Sydney-based AI-cloud waste startup raises $3m
Brennan uses NiCE to modernise its contact centre
Brennan uses NiCE to modernise its contact centre
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Interactive introduces private cloud platform
Interactive introduces private cloud platform
Digital61 expands cybersecurity portfolio
Digital61 expands cybersecurity portfolio

Log In

  |  Forgot your password?