Create an Account
username: password:
 
  MemeStreams Logo

Paris Hilton’s official web site serving malware
search
Home Agent Weblogs Social Network Post Help About

w1ld
Picture of w1ld
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

w1ld's topics
Movies
Music
Business
  Industries
   Tech Industry
   Telecom Industry
  Management
  Markets & Investing
Games
Health and Wellness
  Fitness
Miscellaneous
  Humor
Current Events
Recreation
  Cars and Trucks
Local Information
  United States
   Tennessee
    Nashville
Science
Society
  Economics
  Politics and Law
Sports
  Golf
Technology
  Computers

support us

Get MemeStreams Stuff!


 
Paris Hilton’s official web site serving malware
Topic: Tech Industry 12:03 pm EST, Jan 14, 2009

So many jokes here...

-----

The official web site of Paris Hilton (parishilton.com) has been embedded with a malicious iFrame, automatically exposing visitors to client-side vulnerabilities and banker malware, according to researchers from ScanSafe. Upon closer analysis, it appears that the site has been infected on the 8th of January, Thursday, becoming the very latest legitimate site whose use of outdated web application software led to its exploitation.

Moreover, just like we’ve seen in previous related attacks, Hilton’s site compromise is a part of bigger malware campaign affecting several thousand sites, and is not being exclusively targeted.

Paris Hilton site infected with malwareA javascript embedded at the bottom of the site, is actually an iFrame that used to point to the now down you69tube .com/flvideo/.a/.t/index .php. Once the downloader is executed it attempts to download another binary from the same site, including configuration files from several other sites among which is ManggaTv.com. The abuse and use of legitimate infrastructure as a foundation for the entire malicious campaign, is a common practice applied by cybercriminals these days. For instance, in this campaign not only is the official web site of a popular celebrity used to acquire the traffic, but also, another legitimate site is used as a dropzone for the configuration file of the banker malware.

Paris Hilton’s official web site serving malware

Thread [1]


  
 
Powered By Industrial Memetics		RSS2.0