Websense ’Security Alert about FIAT
April 2009 by Websense
This code takes advantage of the MS Snapshot Viewer exploit (CVE-2008-2463) and the Adobe Reader PDF exploit (CVE-2007-5659). Upon successful exploitation, futher malicious files are downloaded and the infection reported via a phone home to ipaddress 213.15[removed] A rootkit is then installed on the user’s machine.
The anti-virus detection rate for this is poor as can be seen in the AV detection report.
Websense®, Inc. has contacted Fiat to advise them of the issue.
Fiat has been in the news recently with press reports indicating a possible deal being discussed with the American car manufacturer Chrysler (link to news article).
Websense Messaging and Websense Web Security customers are protected against this attack.