RSS Feed

Subscribe to this feed

Categories

Tags

Archive

View archive statistics

Calendar

Mo	Tu	We	Th	Fr	Sa	Su
30	31	1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	1	2	3
4	5	6	7	8	9	10

Articles by Author

Recent posts

Flotilla clash and the social media warRating: 2.3 / 3
New Paypal phishing spam attackRating: 3 / 2
New MS IE6/IE7 zero-day vulnerabilityRating: 3 / 2

Blogroll

6/10/2009 2:05:00 PM

Hackers used a university website to host their exploit kit

by Bahaa Naamneh

The website of the embassy of Belize in Taiwan has been compromised and an obfuscated JavaScript has been injected into it.

After decoding, the script reveals itself as an IFrame pointing to one of the pages on the Kaohsiung Medical University website:

We are all too familiar with the usual scenario where hackers compromise a legitimate website so that its visitors get redirected to the hacker’s own servers where the exploitation kit is hosted. The ironic thing this time is the fact that hackers didn’t redirect victims to servers of their own, but to the university website which they have compromised and installed their exploit kit (probably an ice-pack) on it, and which they have used for other compromised websites.

At the time of writing, however, the exploit-kit has been removed from the university website.

Currently rated 4.5 by 2 people