RSSSamsung Web Site Infecting Visitors
By Ed Oswald | Published September 8, 2006, 3:29 PM
Security firm Websense warned this week that attackers had apparently broke into the Web site of telecommunications company Samsung, infecting certain portions of the site with a Trojan horse. The firm said it was likely that the site had been infected for some time.
"The most current code, which is still available for download, is a Trojan Horse that attempts to disable anti-virus programs, modify registry keys, download additional files, and log keystrokes when connecting to banking websites," Websense said in an advisory.
While the Trojan is dangerous, it requires user interaction in order for it to be installed onto the computer. The security firm said it believed those infected were being lured to the site through instant messaging or e-mail links.
Websense has alerted Samsung of the problem, but as of Friday morning the code was still accessible on the site. The fact that the malware is coming from a reputable source's actual Web site, rather than some faked version, worries researchers.
Increasingly, security experts have been warning users to only trust information and content on sites they know and trust. But when hackers compromise known sites, it puts many users at serious risk for infection as most would not think the content they're downloading would be malicious.
Incidents like the hack of the Samsung Web site are on the increase, say experts. Attacks are likely to begin to appear in seemingly benign places, Symantec Security Response director David Cole warned in his Web log this week.
Samsung has not publicly commented on the situation.
Only problem for people that are too stupid to stop using IE and unpatched OS's
Score: 0
"Only problem for people that are too stupid to stop using IE and unpatched OS's"
Why is it people think that calling people stupid somehow justify's your opinion more? I must say that I use IE--currently running IE7 RC1 on my main PC--yet I have yet to get a virus on it. With IE6 w/SP2 I was not infected either, although had I not updated with the latest "true" critical threat back in December 2005 (the WMF vulnerability), it may have been possible to have become infected.
IE works when you know how to use it methinks--but then again, I'm "too" stupid (nice edit, Paul :) to stop using it because you put it in a betanews thread (therefore it must be true).
Score: 0
IE SUX!
Score: 0
How can Samsung not notice this for "quite some time"?
Score: 0
Samsung had purchased some servers from the company I worked for at the time (2001), and I installed them in Korea. I was suprised at the time how little their IT team knew about basic networking.
I am not suprised that they did not know they were infected!
Score: 0
No security team, trust me most of these companies host stuff in other countries or have cheap labor doing the work.
Score: 0
Exactly!
Score: 0
DAMN Samsung, you need to hire a new security team.
LOL@slackasssecurity
Score: 0
Samsung needs a SECURITY team.
Score: 0
If you follow the security news, you know that these types of infections have been going on for quite some time, but have largely been ignored by the mainstream press and hushed up by the companies involved. Unfortunately, as users become more sophisticated about protecting their systems, stealth attacks like this will become more and more common. The onus is now on the companies to ensure that their websites are secure.
Score: 0
No replies... If this was Sony, there would be scores of rabid XBox fanboys ranting about rootkits and the like...
Score: 0
And if it was MS's XBox site, there would be tons of fanboys for Sony, Mac, and Linux ranting about anything and everything. Your point?
Score: 0
The point is obvious, It's cool to bash Sony, but reality is they are no better or worse that most other large companies, Microsoft, Samsung, Apple included.
Score: 0
Yeah, but this article had nothing to do with Sony.
Score: 0
Yeah because Samsung did this intentionally, right? Sony's rootkit WAS intentional. Do you see the difference yet? I knew you could.
Score: 0
Are you so sure that Samsung didn't do it intentionally ?
Score: 0
personally i've thought for a long time sony and samsung both suck, but thats just IMHO
Score: 0
What??
Samsung has a virus on it's web site. = sony hiring a company to put a virus on a music CD is the same thing??
now samsung is really bad for allowing this to happen. I hope the virus is NOT in the drivers folders!! that would really suck!
But as of this report they are NO way like Sony!!
Score: 0