Search
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

De la Théorie à la pratique











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Websense ’Security Alert about FIAT

April 2009 by Websense

Websense® Security Labs ThreatSeeker Network has discovered that the official Web site of Fiat in Singapore has been compromised and is infecting the machines of site visitors with malicious code. Fiat is an Italian automobile manufacturer and industrial group based in Turin. Malicious code, showing traits of the Luckysploit exploit kit, has been inserted onto the main page of the site using an iframe. This iframe redirects itself to the pages of a different host that contains malicious obfuscated JavaScript code.

This code takes advantage of the MS Snapshot Viewer exploit (CVE-2008-2463) and the Adobe Reader PDF exploit (CVE-2007-5659). Upon successful exploitation, futher malicious files are downloaded and the infection reported via a phone home to ipaddress 213.15[removed] A rootkit is then installed on the user’s machine.

The anti-virus detection rate for this is poor as can be seen in the AV detection report.

Websense®, Inc. has contacted Fiat to advise them of the issue.

Fiat has been in the news recently with press reports indicating a possible deal being discussed with the American car manufacturer Chrysler (link to news article).

Websense Messaging and Websense Web Security customers are protected against this attack.




See previous articles

    

See next articles