Crooks inject malicious Java applet into FOREX trading website
A FOREX trading website has been contaminated with a malicious Java applet that is designed to install malware on the systems of visiting surfers. The targeted website is a popular FOREX (foreign exchange market) website called "Trading Forex" (tradingforex.com). The website remains contaminated as of Thursday lunchtime …
For a moment
I thought they had hacked the FourEcks trading site (operated from Didjabringabeeralong no doubt (or was that Bugarup))
China launching 'currency' trading in London Friday 30th
Believe the Chinese launch a limited start to currency trading in London on Friday the 30th
Seems appropriate timing to work out who's buying their 'product'
Re: China launching 'currency' trading in London Friday 30th
I don't believe this is related.
To start with, Chinese hackers aren't so clumsy as to ask a potential victim to install a rootkit alongside the required .NET runtime.
More importantly, it is in China's interest to let the liquidity build up on the exchange, rather than scare the users away.
Apache on Win32
The first time I see "Apache(Win32)" in the webserver's token. The question is how did the website get compromised?
It identifies itself as "Apache/2.2.22 (Win32) PHP/5.4.5". So one would only guess poorly designed PHP scripts, or the good ol' malware friendly Microsoft OS (0-day?), or that the hacker is a part time admin of the said website, or the use of "passw0rd" as the strong admin password. Could it be all four?
