Add embassy websites to the growing list of hacked internet destinations trying to infect visitor PCs with malware. Earlier this week, the site for the Netherlands Embassy in Russia was caught serving a script that tried to dupe people into installing software that made their machines part of a botnet, according to Ofer Elzam, …
Not the first, and sadly probably won't be the last..
Last September webpages of the US Consulate General in St Petersburg were compromised by hackers. On that occasion cybercriminals planted the Mal/ObfJS-C malicious code, that then attempted to download further malware from a remote server.
As is the norm these days, it was all a ruse to steal business and personal data from unwary visitors. More info was posted on the Sophos blog at http://www.sophos.com/news/2007/09/consulate.html
With something like 6000 new webpages discovered each day carrying malicious code (and over 80% of those being legit websites that the bad guys have hacked) it's becoming clear that you can't trust *anyone* these days to have a squeaky clean site.
I think it's time for the website owners and webhosts to take some responsibility for the security and patching of their sites, rather than just hoping that Joe Public will ensure that their browser and visiting computer are properly defended.
- 'Kim Kardashian snaps naked selfies with a BLACKBERRY'. *Twitterati gasps*
- Pics Facebook's Oculus unveils 360-degree VR head tracking 'Crescent Bay' prototype
- Crawling from the Wreckage THE DEATH OF ECONOMICS: Aircraft design vs flat-lining financial models
- Bargain basement iPhone shoppers BEWARE! eBay exposes users to phishing vuln
- Google+ GOING, GOING ... ? Newbie Gmailers no longer forced into mandatory ID slurp