
Zero Day

Ryan Naraine, Emil Protalinski and Dancho Danchev

Asus.com hacked, serving up .ANI exploits

By | April 6, 2007, 8:15am PDT

The official Web site of Asustek Computer has been hijacked and used to serve up exploit code for the recently-patched animated cursor (.ani) vulnerability.


  Photo Gallery: Catch a glimpse of the animated cursor exploit in action. The image gallery includes screenshots of rigged sites and an exploit timeline that shows the rapid escalation of the attacks.  

An embedded iFrame HTML element was planted on the Asus.com site (currently offline) and used to point visitors to other malicious sites hosting the ANI exploit code.

The Asus.com hijack was first reported on Dynamoo's Blog and verified by Kaspersky Lab's Roel Schouwenberg.

Asustek Computer, a well-known motherboard manufacturer, also produces cell phones, desktop and notebook computers, graphics cards, optical drives, servers, and networking devices.

This is not the first malware-related site breach affecting Asus.com. Last December, the site was launching drive-by downloads of password-stealing spyware programs on unsuspecting surfers.

Asustek officials could not be reached for comment.


Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues.

Disclosure

Ryan Naraine

The most important disclosure is of my employment with Kaspersky Lab as a member of the global research and analysis team. Kaspersky Lab is a global company specializing in anti-malware and secure content management technologies. I do not own stocks or other investments in any technology company.

Biography

Ryan Naraine

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content management technologies.

Prior to joining Kaspersky Lab, Ryan was Editor-at-Large/Security at eWEEK, leading the magazine's and Web site's coverage of Internet and computer security issues and managing the popular SecurityWatch blog, covering the daily threats, vulnerabilities and IT security technologies. He also covered IT security, hacker attacks and secure content management topics for Jupiter Media's internetnews.com.

Ryan can be reached at naraine SHIFT 2 gmail.com. For daily updates on Ryan's activities, follow him on Twitter.

8
Comments

Is it any wonder why Asus is getting hacked?
YinToYourYang-22527499 6th Apr 2007
0 Votes
Indeed...
fde101 6th Apr 2007
One begins to wonder how long before M$ starts dishing these out too...

They are actually foolish enough to be using their own software!

Even eBay has this goofed!

At least amazon.com seems to be using something potentially securable... as is Apple, of course!
"The Linux servers were actually getting hacked and defaced far more often than the Windows server and Apache was also being hacked and defaced more than Microsoft IIS"

http://blogs.zdnet.com/Ou/?p=77
0 Votes
Poor Admins
Suicida| 7th Apr 2007
I have never had either hacked, hijacked or defaced; although many have tried according to the logs.

What I dislike about IIS is you have to manually update your extras, i.e. mysql, php, perl, python, etc. Too much work, not to mention getting hardened php on windows is a PITA.

I'll put a hardened Linux LAMP system up against 2003, IIS, .NET any day of the week. Even if apache had a buffer overflow vuln the most it would do is crash apache.
0 Votes
IIS6
toadlife 7th Apr 2007
"Even if apache had a buffer overflow vuln the most it would do is crash apache."

Same for IIS6, as it runs in a process that has near zero privileges on the system.

IIS5 however...
0 Votes
...
0 Votes
If you have ANYTHING to do with software (SAP, IBM and even HP) Microsoft is out to get you! They will stop at nothing less than total ownership of all bits and bytes!

The danger is Real! The Danger is Microsoft!...
They need to increase their support for Vista anyways - I'm sure a lot of people are pissed at them for not offering drivers for older motherboards such as the A8N-SLI Deluxe, even though it's perfectly capable of running Vista.
