GOP Site Hacked & Infecting Visitors
A web site belonging to the Republican Party for the 1st Congressional Disctrict of Wisconsin has been hacked, and was spreading a variant of the Storm Trojan virus for an undisclosed length of time before it was finally rectified. While the fact that one of the two primary parties has had a web site hacked is nothing new, the fact that the Storm Trojan is infecting web sites is:
“This is the first time that Storm has taken to the Web for its victims, said Dan Hubbard, head of research at San Diego-based Websense Inc. "The big news is that Storm has added infecting sites to its arsenal," said Hubbard.
Storm debuted in January but only cracked the top malware lists early this summer, and has become infamous for its ability to adapt its infection strategies.”
Storm has historically been known for hiding out in e-mail attachments, typically in those great spam e-mails we all love and cherish, or via links inside of e-mails. This new variation, however, seems to attach itself directly to iframe code.
The problem with iframes is that they can (and often do) link to outside sites. Once this part of the code has been infected, any computer visiting a 'safe' site is now subject to attack unless they have are specifically patched against such an attack, and such patches typically are released after a breach has been found.
“This is the first time that Storm has taken to the Web for its victims, said Dan Hubbard, head of research at San Diego-based Websense Inc. "The big news is that Storm has added infecting sites to its arsenal," said Hubbard.
Storm debuted in January but only cracked the top malware lists early this summer, and has become infamous for its ability to adapt its infection strategies.”
Storm has historically been known for hiding out in e-mail attachments, typically in those great spam e-mails we all love and cherish, or via links inside of e-mails. This new variation, however, seems to attach itself directly to iframe code.
The problem with iframes is that they can (and often do) link to outside sites. Once this part of the code has been infected, any computer visiting a 'safe' site is now subject to attack unless they have are specifically patched against such an attack, and such patches typically are released after a breach has been found.
