back to article Protip: If you'd rather cyber-scoundrels didn't know the contents of your comp, don't apply for a Pakistani passport

A Pakistani government website was compromised with a keylogger and other malware that hoovered up a whole host of information about people checking on their passport application status. Researchers from Trustwave discovered that the Scanbox JavaScript framework was running on the site. The keylogger scooped up users' login …

  1. Jason Bloomberg Silver badge
    Flame

    Who will save us?

    JavaScript appears to have become far too clever for its own good while browsers seem to simply let it get away with whatever it seeks to do. In this day and age it shouldn't be possible to merely inject a script link into a web page and do what they have done.

    I thought it better to not use the 'nuke it from space' icon given the current situation in the region.

    1. JimmyPage Silver badge
      Thumb Up

      Re: Not just that ...

      The number of sites that simply will not work without javascript enabled makes the internet pretty much useless if you are religious about NoScript.

      (btw, when did the Anonymous option disappear ?)

      1. gerdesj Silver badge
        Childcatcher

        Re: Not just that ...

        (btw, when did the Anonymous option disappear ?)

        Good question. I can't find it either ...

        1. Anonymous Coward
          Anonymous Coward

          Re: Not just that ...

          Seems like it's back or just working on iOS

          1. Anonymous Coward
            Anonymous Coward

            Re: Not just that ...

            Still there for me (Firefox on Win10).

  2. rdhood

    "We contacted the Pakistani government..."

    I submit that it is just as likely as not to be an inside job with approval of those in charge.

    1. BrownishMonstr

      Re: "We contacted the Pakistani government..."

      Perhaps corruption within the ranks. But the Gov probably has easier ways to get the data.

  3. Jon Smit
    Big Brother

    It's doesn't take Einstein

    To work out why and why this department of Pakistan government was hacked.

  4. sanmigueelbeer Silver badge

    While the command-and-control server went dormant shortly after the threat research firm started poking around

    This to me says someone, like the owner, is actively "monitoring" the state & status of the C&C.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019