UN AIDS site target of new 'vulnerability scan' attack

By
Follow google news

Hackers compromise a United Nations’ Asia Pacific AIDS information site using an emerging malicious technique which scans for multiple vulnerabilities.

UN AIDS site target of new 'vulnerability scan' attack
Researchers at Websense have warned that the ‘Youandaids HIV/AIDS portal for Asia Pacific’ - a division of the UN AIDS initiative became the target of new hacker technique yesterday.

The method scans for multiple un-patched Microsoft vulnerabilities in an aim to install a back-door Trojan, according to Joel Camissar managing director A/NZ at Websense.

“Rather than looking for one exploit – which is the norm - it looks for several and hones in on one to then install a Trojan horse,” said Camissar.

“When the Web site is visited, a malicious JavaScript file (e.js) is executed. Site visitors infected with this malicious code will have a Trojan downloaded and backdoor installed on their desktops,” according to a Websense advisory.

First discovered on 17th August, the technique was used to attack a prominent Indian bank and a US biotechnology company, said Camissar.

“And this campaign is hosted by the same group,” he added.
Got a news tip for our journalists? Share it with us anonymously here.
Tags:
aidsattackemergingofscansecuritysitetargetunvulnerability

Sponsored Whitepapers

Build the Infrastructure for Your AI Revolution
Build the Infrastructure for Your AI Revolution
2026 Engineering Reality Report
2026 Engineering Reality Report
How Kraft Heinz Transformed Planning with AI & 5 M+ Data Sets
How Kraft Heinz Transformed Planning with AI & 5 M+ Data Sets
Defend Your Network from the Next Generation of AI Threats
Defend Your Network from the Next Generation of AI Threats
Optus Enterprise Mobility
Optus Enterprise Mobility

Events

Most Read Articles

Commercial spyware targeted Samsung Galaxy users for months

Commercial spyware targeted Samsung Galaxy users for months
The BoM has finally tamed SSL

The BoM has finally tamed SSL
Westpac factors post-quantum cryptography prep into "secure router" rollout

Westpac factors post-quantum cryptography prep into "secure router" rollout
Researcher trawls cybercrime sites, collects billions of stolen credentials

Researcher trawls cybercrime sites, collects billions of stolen credentials
techpartner.news logo
Sydney-based AI-cloud waste startup raises $3m
Sydney-based AI-cloud waste startup raises $3m
Brennan uses NiCE to modernise its contact centre
Brennan uses NiCE to modernise its contact centre
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Interactive introduces private cloud platform
Interactive introduces private cloud platform
Digital61 expands cybersecurity portfolio
Digital61 expands cybersecurity portfolio

Log In

  |  Forgot your password?