RSS Alerts

Related Stories

  • Keynote Theatre Agenda
    The 2010 Keynote programme will address the security issues and pressures that organisations face in an increasingly mobile and global working environment. Leading security experts, industry innovators and speakers from the end-user community who will provide expert analysis, real-life case studies, strategic advice and predictions.
  • License to hack? - Ethical hacking
    Ethical hacking seems to be a contradiction in terms, but what better way of making enterprises pay attention to their security flaws, than by acting like criminals? William Knight investigates
  • Google users targeted by new malicious websites
    Network security company eSoft’s threat prevention team has discovered new malware sites specifically targeting users of Windows operating system and Google.
  • Hacker group blamed for publicising MI5 site security flaws fight back against papers
    Team Elite, a `grey hat' hacker group blamed for revealing a potential hack on MI5's website last week, is reportedly very angry at reports in the national press that it was responsible for what some papers are reporting as a site hack attack.
  • Online ads are an avenue for viruses
    Researchers at Alwil Software, the company behind the popular Avast IT security software, say that portals such as Fox Audience Network and Yahoo are topping the firm's lists of compromised online ad servers and potentially infecting internet users.

News

It's been a Hard Day's Night for Paul McCartney's web site

08 April 2009

The operators of Paul McCartney's web site were caught with their electronic pants down this week after the portal was found to be serving up malware.

The operators of Paul McCartney's web site were caught with their
electronic pants down this week after the portal was found to be
serving up malware.

According to a blog from Mary Landesman over at ScanSafe, the site
hack - Paulmccartney.com - may have occurred due to stolen FTP-based
accounting data, as several other host-linked sites have been
similarly affected.

Interestingly, Infosecurity notes that the number of DIY malicious
code insertion kits has soared since the start of the year, although,
crucially, hackers also need some method of gaining unauthorised
access to the web site that is to be hacked.

Unconfirmed reports on the hacker forums suggest that the Macca web
site hack is one of the first to use a new malware exploit kit that
uses RSA encryption on the Javascript routines.

After what appears to be several redirections (84.244 .138.55 /google-
analytics/ga.js to 84.244.138.55 /ts/in.cgi?sliframe to 84.244 .138.55
/ase/?t=17), users are deluged with a set of client-side malware whose
favour depends on the results of the probes that the origin malware
generates.

http://blog.scansafe.com/journal/2009/4/7/paulmccartneycom-gets-
lucky.html

 

This article is featured in:
Identity and Access Management Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water