RSS Alerts

Share

More services

Related Stories

  • McCartney site serves up Zeus malware
    Paul McCartney's site was serving up the Zeus trojan for three days, according to UK security firm ScanSafe. The attack, in which paulmccartney.com was compromised with malicious Javascript, appears to have been tailored to coincide with interest in his New York reunion concert last weekend.
  • Security Education: A Lesson Learned?
    Despite users being the most integral part of information security, only one to two percent of security budgets are being spent on awareness and education. Stephen Pritchard reports
    Members' Content
  • Apple co-founder Steve Wozniak's Twitter account hacked
    The second Steve behind Apple – Steve Wozniak – has reportedly had his Twitter account hacked, with a message going out late last week saying: "I made $781 today working a few hour from home check this out!"
  • Comodo admits two more registration authorities hacked
    Digital certificate authority Comodo has admitted that two more of its registration authorities (RAs) have been hacked. The hacks appear to be separate from the so-called Iranian lone hacker incident earlier in the month when at least five accounts were compromised.
  • Comodo admits two more Registration Authorities hacked
    US digital certificate authority Comodo has admitted that two more of its Registration Authorities (RAs) have been hacked. The hacks appear to be separate from the so-called Iranian lone hacker incident earlier in the month when at least five accounts were compromised.

Top 5 Stories

News

It's been a Hard Day's Night for Paul McCartney's web site

08 April 2009

The operators of Paul McCartney's web site were caught with their electronic pants down this week after the portal was found to be serving up malware.

The operators of Paul McCartney's web site were caught with their
electronic pants down this week after the portal was found to be
serving up malware.

According to a blog from Mary Landesman over at ScanSafe, the site
hack - Paulmccartney.com - may have occurred due to stolen FTP-based
accounting data, as several other host-linked sites have been
similarly affected.

Interestingly, Infosecurity notes that the number of DIY malicious
code insertion kits has soared since the start of the year, although,
crucially, hackers also need some method of gaining unauthorised
access to the web site that is to be hacked.

Unconfirmed reports on the hacker forums suggest that the Macca web
site hack is one of the first to use a new malware exploit kit that
uses RSA encryption on the Javascript routines.

After what appears to be several redirections (84.244 .138.55 /google-
analytics/ga.js to 84.244.138.55 /ts/in.cgi?sliframe to 84.244 .138.55
/ase/?t=17), users are deluged with a set of client-side malware whose
favour depends on the results of the probes that the origin malware
generates.

http://blog.scansafe.com/journal/2009/4/7/paulmccartneycom-gets-
lucky.html

This article is featured in:
Identity and Access Management  • Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012