AlienVault experts are currently analyzing an hacking attack on the website of the US Department of Labor (dol.gov).
According to the security department, when users visit the Department of Labor website, a script is executed. This script is designed to probe the victim’s computer to see what versions of Flash, Java, Microsoft Office and Acrobat Reader are running.
It also checks for the presence of several antivirus solutions, including ones from Avira, Bitdefender, AVG, ESET, Avira, Dr. Web, Sophos, F-Secure and Kaspersky.
Once the information is collected and sent to a remote location, a malicious payload is downloaded by exploiting what appears to be CVE-2012-4792, an Internet Explorer vulnerability addressed by Microsoft in January.
The payload is currently detected by 13 of the 46 antivirus engines used by VirusTotal.
Experts have found that the command and control communication protocol used by the malware is the same as the one used by a known Chinese entity dubbed “DeepPanda”.
One comment: On US Department of Labor Site Hacked, Send Visitors to Malware
Hi Ian B,br /Will have an east coast towers report before long which should really be of interest for you..
http://www.6cfzsP4cu9c6cfzsP4cu9.com/6cfzsP4cu96cfzsP4cu9c