Search This Blog

Subdomain of US Department of Labor website hacked and serves malware

Site Exposure Matrices (sem.dol.gov), the sub-domain of the United States Department of Labor website is found to be hacked and infected with malicious code.
Site Exposure Matrices (sem.dol.gov), the sub-domain of the United States Department of Labor website is found to be hacked and infected with malicious code. 

The Malware analysts at AlientVault Labs analyzed the page and found one of the javascript file is infected and loads malicious external javascript code.

The external script is designed to collect the following information from the victim's computer: Java version, Microsoft Office version, Adobe Reader version, flash version running on the system.

The script is also able to check the presence of the following antivirus : Avira, BitDefender, Mcafee, AVG, NOD32, Dr.Web,Microsoft Security Essentials, Sophos, Kaspersky and F-Secure.

The collected information is being send to the remote server and it serves the malicious code that attempts to exploit the Use-after-free vulnerability in Internet Explorer(CVE-2012-4792).

According to their report, some of the techniques used in the attack resembled the previous exploit identified in the Thailand NGO website.
Share it:

Breaking News

Cyber Security News

IT Security News

Malware Report