Members
  • Total Members: 14176
  • Latest: toxxxa
Stats
  • Total Posts: 42869
  • Total Topics: 16078
  • Online Today: 3342
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)









Author Topic: Anti-Virus Maker Trend Micro Infects Users with Malware via Hacked Website  (Read 4801 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7528
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


Japanese anti-virus developer Trend Micro managed to diverge from its default strategy of offering protection from malicious code, switching a full 180 degrees by serving malware to users, although through no real fault of its own. On March 12, 2008, Trend Micro announced that a portion of its official website had been hacked three days earlier, on March 9, and that it was set up to deliver malware to visitors. Trend Micro warned the users that landed on the malformed webpages of a strong possibility that their systems might have been compromised by a Trojan Horse labeled JS_DLOADER.TZE.

 
The malicious pages were up for no less than three days before  Trend Micro identified the problem and shut them down. The
Shibuya Ward Tokyo-based outfit considered it necessary to inform only the Japanese customers of the issue. However, security company Sophos revealed that both the English and Japanese sections of the official Trend Micro website had been hacked.

"A number of webpages on the firm’s Japanese and English-language website were altered by hackers on Sunday 9 March, who used a malicious iFrame exploit to deliver a Trojan horse onto surfers’ computers. Trend Micro is believed to have uncovered the problem on Wednesday 12 March and replaced affected pages with a message saying 'This page is temporarily shut down for emergency maintenance' as the following image from the www.trendmicro.co.jp," explained Graham Cluley, senior technology consultant at Sophos.

Cluley opined that a software vulnerability was the most probable cause of the hack. Trend Micro failed to confirm whether an exploit of a security flaw was the open door for the hack, or to pin point another cause. According to Sophos, the visitors on the malformed pages of Trend Micro's website have been exposed to the malware not only by accessing the infected content, but also by clicking URL links embedded in the malware’s name.

"In a nutshell - what has happened here is a criminal act, and our friends at Trend Micro (and people visiting the hacked pages) are victims of the crime. Sadly it’s not an uncommon crime these days - and all kinds of businesses have suffered. This isn’t the time or place to make cheap shots against a competitor. All other companies with a web presence should take this unfortunate incident as an opportunity to check that their own websites are properly secured," Cluley advised.



(Marius Oiaga, Technology News Editor)

Samker's Computer Forum - SCforum.info


 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising