Cryptome.org hacked, serving client-side exploits

Summary: The popular whistle-blowing web site Cryptome.org was recently hacked, and a malicious script embedded in it pointed visitors to a BlackHole web malware exploitation kit.

The BlackHole web malware exploitation kit was serving exploits for client-side vulnerabilities from hxxp://65.75.137.243/Home/index.php; the IP is currently offline.

Apparently, the attack was configured to exploit only users running Microsoft's Internet Explorer, although the cybercriminals could have used BlackHole's true multi-browser exploitation potential to target multiple browsers.

According to Cryptome.org's most recent note:

14 February 2012. 16:30GMT: Cryptome 100% restored with clean files. The Blackhole malware was removed on 12 February 2012. Apparently, according to the malware, only users of MS IE were targeted, bad enough.

Users are advised to ensure that they're not running vulnerable third-party applications and browser plugins.

Topics: Malware, Browser, Security

Talkback

1 comment
  • RE: Cryptome.org hacked, serving client-side exploits

    Cryptome is a website hosted in the United States since 1996 by independent scholars and architects John Young and Deborah Natsios that functions as a repository for information about freedom of speech, cryptography, spying, and surveillance.
    jerald76