Create an Account
username: password:
 
  MemeStreams Logo

MemeStreams Discussion

search


This page contains all of the posts and discussion on MemeStreams referencing the following web page: Paris Hilton’s official web site serving malware. You can find discussions on MemeStreams as you surf the web, even if you aren't a MemeStreams member, using the Threads Bookmarklet.

Paris Hilton’s official web site serving malware
by w1ld at 12:03 pm EST, Jan 14, 2009

So many jokes here...

-----

The official web site of Paris Hilton (parishilton.com) has been embedded with a malicious iFrame, automatically exposing visitors to client-side vulnerabilities and banker malware, according to researchers from ScanSafe. Upon closer analysis, it appears that the site has been infected on the 8th of January, Thursday, becoming the very latest legitimate site whose use of outdated web application software led to its exploitation.

Moreover, just like we’ve seen in previous related attacks, Hilton’s site compromise is a part of bigger malware campaign affecting several thousand sites, and is not being exclusively targeted.

Paris Hilton site infected with malwareA javascript embedded at the bottom of the site, is actually an iFrame that used to point to the now down you69tube .com/flvideo/.a/.t/index .php. Once the downloader is executed it attempts to download another binary from the same site, including configuration files from several other sites among which is ManggaTv.com. The abuse and use of legitimate infrastructure as a foundation for the entire malicious campaign, is a common practice applied by cybercriminals these days. For instance, in this campaign not only is the official web site of a popular celebrity used to acquire the traffic, but also, another legitimate site is used as a dropzone for the configuration file of the banker malware.


 
 
Powered By Industrial Memetics