The US Department of Labor's website has been hacked and malicious code stuck behind the scenes, security tools firm AlienVault says. Since yesterday, the DoL site has been serving out malicious code that installs malware on unsuspecting users' computers, AlienVault's labs director Jaime Blasco told The Register. The DoL said …
Re: Be secure - Use non-Windows.
From the article:
"Browsers execute a script from a malicious server when folks visit the affected site, the DoL's Site Exposure Matrices microsite. The infected script collects information including Flash versions, PDF plugins and MS Office versions from users' systems. Captured data is then uploaded to the hackers' server, AlienVault discovered.
The malware also checks if the target's system is running antivirus programs like McAfee, AVG or Sophos. If it detects the popular Bitdefender free anti-virus program, the malware will try to deactivate the AV suite."
Where in there does it make reference to this only affecting Windows devices?
OK, chances are that most visitors will be running Windows in some form, but surely that's because Windows is much better than that *Nix garbage?
>Blinker Removal Needed ?<
US Labor Dept website serving malware to innocent visitors
No one's innocent.
Gee I wonder if they went after the Labor Dept because they are not big on labor laws at all (one man's school is another man's Chinese government owned fireworks factory). Somebody forgot to tell them we are now backsliding and well on our way back to child labor for the poor as well (what was that Newt and other GOP twits said on the issue?).
@asdf: Re: interesting choice
You show great agility in moving from subject A to completely unrelated subject B. This sort of tangential thinking comes easily to you, does it? What do your doctors say about it?
Re: @asdf: interesting choice
So says the Anon coward afraid to show his post history. What are you hiding?
I wouldn't for one second believe that Western hacks against China are any less frequent, or less severe. It's just the general approach to reporting these hack-stories is pretty guttery, to be honest.
The impacts may also be less severe as China still is not as dependent on electrons flowing as the West, especially in their countryside.
Re: China has less to nick
Nice one Eadon - I think I should return to doing proper work offline and that's a bested pipe icon btw
As an advocate for the workers and their survivors who became ill from working at the nuclear weapons facilities, I am dismayed and concerned about this incident. Originally, only DOL claims examiners had access to this database. They used the information to decide whether or not a toxic exposure was responsible for an illness. The advocates fought hard to get this database in the public domain so that the claimants would have the right to challenge any incorrect information. Before the database was made public, the advocates felt that the claimants' due process rights were being violated. Now, because of this hack, we are back to square one. Shame on the hackers! We have no idea if DOL will be able to fix this. Or even if they would want to. We have no idea if the claimants will be able to find the evidence they need to prove their claim.
@tbarie, the US Government requires, by law, all data be backed up.
So, the worst case is, data may be lost from whenever the server was infiltrated to complete data restoration.
That said, such backup needs funding. One organization I worked for had a "red-headed stepchild" budget and we had to back up servers to other servers and zip funding for central log administration.
But, if they can't fix the problem, the lot of them need to be released to find jobs as cab drivers and competent personnel be hired.
And yes, I'm familiar with your advocacy group. It has helped a lot of people over the years and I hope it continues to advocate for those injured during our hasty rush to things nuclear before we fully understood the issues around the various programs.
Swiss cheese internet anyone...?
This is so sad I don't know whether to laugh or cry! Feeble Internet Security...
Re: Swiss cheese internet anyone...?
Even money, it was an idiot perusing his gmail account while logged onto the server.
Caught one admin doing that when I was overseas and I was the IA guy for the installation.
Couldn't get him fired. :(
Re: Swiss cheese internet anyone...?
How about just blocking all forms of webmail?
OK, it doesn't stop idiots from using remote access from home machines to compromise your servers, but there usually isn't a business case for allowing any webmail on corporate networks and there are business reasons for blocking it (IP theft etc.).
(Unless your corporate email is provided by one of these webmail services, in which case, $deity help you!)
Another reason why forcing everyone to access public services through the WWW is a bad idea.
Be nice to say a little bit about what platform the site is running on if we're talking about a vuln which presumably we are.
@Eadon - for pity's sake, I thought we all knew many attacks appear to come from China because of the abundance of insecure machines out there. The "hackers" can be anywhere, and are more than likely right here or in the US or Germany.