Was just going through the daily news scene when I just got stuck over the article published over pcworld. It seems the Web site for Indian antivirus vendor AvSoft Technologies has been hacked and is being used to install malicious software on visitors’ computers.
Hacking technique used , is not new !!
Seems like the technique or the way used to hack the site is not new. In the past also many websites have been hacked and used to install such kind of malicious codes. Here is what was done
The attackers open an invisible iFrame Window within the victim’s browser, which redirects the client to another server. That server, in turn, launches attack code that attempts to install malicious software on the victim’s computer.
The malicious software is a variant of the Virut virus family.
Quoting more from the article :
The iFrame pages are commonly used by Web developers to insert content into their Web pages, but because it is possible to create an invisible iFrame window, the technology is often misused by hackers as a way to silently redirect victims to malicious Web sites.
AvSoft, based in New Delhi, sells an antivirus product called SmartCOP and has sold a second antivirus product called Smartdog. The company, which is not well-known in the U.S., also specializes in recovering data lost due to virus attacks. The company could not be reached for comment.
That data recovery service could come in handy for some, as Virut is known as a “parasitic infector” virus that is extremely difficult to remove. It infects all of your programs on your local hard drives, and then it starts hitting your network drives as well the first time you run.
Fortunately, the malware used to install Virut exploits only well-known bugs, meaning that users who are running antivirus software on fully patched systems will probably not be infected by the attack in its current state, security experts say.
Nobody is aware how the virus got inside the website as of now. The news is really shocking and do ring a bell about the highly insecure online world.
Moreover, it also give me an evil idea of marketing a product to create buzz all over the web world. Imagine, apple’s website getting hacked and publicizing Nokia or Sony. Similar way Microsoft’s website gets an advertisement of Linux !!! evil, isnt it ??… Well !! jokes apart, and I hope the webmasters find a solution to this frequent occurring problem and prevent such kind of incident in Future.
Remember the news about 16 year old kid hacking $84 million porn filter in just 30 mins ??
or
Subscribe by an email address !!
20 Comments Till Now
Ohh, I am hearing this first time. Strange, really….
Nothing is secured and protected these days…
OMG !!! I wonder what preventive measure one can take !! Iframe are a part of web !!
@anon , only preventive measure is to keep your OS updated with latest updates and install a proper antivirus and a spyware.
Cheers !!!
@rakshit
. Regular updates can only save us 
.
Yeah nothing is secure over web
One simple answer, nothing is secure over the web- Hackers all around.
agree 100%
Yes no system is 100% secure, because they were created by human brains! And hackers are human too. So I think that creation and destruction - both depends on human brains!
Hey! I’m giving away 1000 entrecard credits. Collect yours!
@earnblogger ,
yeah human brain is root for all evil ,
and will surely check out the credits
Ah, they were so much, careless this time. Might be AV companies should first learn how to protect them before they do any good to others.
Eish!!!Very sad to learn that we are not safe in this ever exciting blogosphere.The danger is that the more exciting it becomes, the more the sites one opens and the greater the vulnerability.
@smackall ,
ohh yeah !! so true..they should pose an example atleast.
@clement ,
Web is a vulnerable place. The only way to keep yourself protected is to be updated all the time
Use Firefox and NoScript add-on, it blocks iframes.
@datadoc,
Great info there buddy !! but not every iframe will launch malacious code
i find many targetting indian IT companies, their skills and talent and are trying to malign India’s image…probably this is also the handiwork of these kinda people…
@techbliss
Thats true Rajesh, many Indian sites were hacked recently. Few months ago when we were working for a mobile game project for a client, their website suddenly changed and got pron images and links to hell lot of 3x sites. We then stopped working for them suddenly as we have a policy for our company strictly not to work in any means for a 3x based project. Then when I tried to contact the client he said it was hacked and the server control was fully taken over by the hackers. And it took few weeks to bring it back.
Just imagine…
The fun in the incident was that they didn’t replace the pages but simply added images and links in right places where people give importance. Link logo, banner etc. Just imagine if someone hacks google and puts a x’y logo variant. Same thing happened. The hacker were not only talented but also had good creativity.
@rajesh,
hackers are not country specific , but yeah they are company specific. Example defacing a highly popular new site like CNN.
@smackall
ohh that was really sad incident which happened for your client. Mostly all the hackers are very talented, thats why so many companies hire them to check their security, better word for them “White Hat Hackers”
wow! I’d never heard of this one before.
milw0rm is the site that is full with all kind of exploits. You can learn a lot of thing there!
(devil) 
need to check
1 Pingback(s)/Trackback(s) Till Now