Popular Gaming Site of France Infecting Visitors With ZeuS
Researcher from Anti-virus company and security firm Avast, has find out that a French website of popular game Assassin’s Creed has been serving ZeuS malware variants to its visitors for over 8 weeks. The site has been infected with a Trojan java script redirector that sends visitors to a Russian malware site and connects them to a ZeuS powered botnet. The infection was last confirmed by the AVAST Virus Lab at 12.00 CET, April 10, 2012. And, just to make it clear, this Assassinscreedfrance.fr site is not affiliated with Ubisoft, the developers of the Assassin’s Creed franchise.
The web site is currently returning a “Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING in /homepages/23/d207590046/htdocs/wp-content/plugins/countdown-timer/fergcorp_countdownTimer.php on line 1050” error message.
According to Avast official blog post - So far, Avast has blocked over 179,800 visits by its users to this site. And, Assassinscreedfrance.fr is just one of 1,841 sites around the globe that has been infected with this specific Trojan during the month of March. The infection, a Trojan redirector, sends users to Russian malware distribution server with an IP registered in Saint Petersburg, Russia. And yes, this sever is still working, even after Microsofts’ recent takedown of a few dozen botnet servers. The infection at Assassinscreedfrance.fr is located in the countdown timer in the JavaScript module, a common WordPress plugin. Other sites had infections hitting a wide range of WordPress vulnerabilities. “The bad guys are using an automatic tool that is looking for some holes,” said Jan Sirmer, analyst from the AVAST Virus Lab. “Assassinscreedfrance.fr may have become vulnerable by using an outdated version of WordPress, even though their JavaScript plugin is up-to-date. For the rest of these sites, we can safely say that older programs and plugins are common ways to get infected.”
-Source (Avast Blog)
LINK TO OUR HOME PAGE :
Voice Of GREYHAT is a non-profit Organization propagating news specifically related with Cyber security threats, Hacking threads and issues from all over the spectrum. The news provided by us on this site is gathered from various Re-Sources. if any person have some FAQ's in their mind they can Contact Us. Also you can read our Privacy Policy for more info.
Thank You !
-Team VOGH
If you enjoyed VOGH News, Articles Then Do Make sure you to Subscribe Our RSS feed. Stay Tuned with VOGH and get Updated about Cyber Security News, Hacking Threads and Lots More. All our Articles and Updates will directly be sent to Your Inbox. Thank You!
-Team VOGH
Categories:
cyber-crime
,
security-news
,
vulnerablity