The Latest in IT Security

instantshift.com (Alexa ~5000) was briefly compromised

31
Aug
2011

The site Instantshift.com was compromised on August 28, 2011. It was then quickly fixed. 

InstantShift is a leading design resources community for Web designers and developers. It is worth noting that the compromise of a Web site like instantshift.com may lead to mass compromises, as many other Web site owners may potentially get compromised by accessing this site for design templates, among other resources. At this point, we have detected other Websites compromised with the same injected code. Websense Security Labs will continue to monitor the malicious injections closely and provide protection against them.

Websense customers are protected from Web-based threats by ACE, our Advanced Classification Engine

Compromise Details

 

Exploits are sent via the injected iframe. This process happens silently when the attack page is loaded. The exploits are loaded from one of the most prevalent exploit kits today – the Blackhole exploit kit. Any successful exploitation results in the Zeus/Zbot Trojan being installed silently on the user’s machine. The malicious contents are currently cleaned up.

 

Leave a reply


Categories

TUESDAY, DECEMBER 18, 2018
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments

Social Networks