The site Instantshift.com was compromised on August 28, 2011. It was then quickly fixed.
InstantShift is a leading design resources community for Web designers and developers. It is worth noting that the compromise of a Web site like instantshift.com may lead to mass compromises, as many other Web site owners may potentially get compromised by accessing this site for design templates, among other resources. At this point, we have detected other Websites compromised with the same injected code. Websense Security Labs will continue to monitor the malicious injections closely and provide protection against them.
Websense customers are protected from Web-based threats by ACE, our Advanced Classification Engine.
Compromise Details
Exploits are sent via the injected iframe. This process happens silently when the attack page is loaded. The exploits are loaded from one of the most prevalent exploit kits today – the Blackhole exploit kit. Any successful exploitation results in the Zeus/Zbot Trojan being installed silently on the user’s machine. The malicious contents are currently cleaned up.
Leave a reply
