Websense® Security Labs™ ThreatSeeker™ Network has detected that the DNS cache on the default DNS server used by the customers of China Netcom (CNC) has been poisoned. When China Netcom customers mistype and enter an invalid domain name, the poisoned DNS server directs the visitor's browser to a page that contains malicious code.
When users mistype a domain name they are sometimes directed by their ISPs to a placeholder Web site with generic advertisements. In the case of CNC its customers are directed to a web site under the control of an attacker. Malicious sites contain an iframe with malicious code that attempts to exploit RealPlayer, MS06-014, MS Snapshot Viewer and Adobe Flash player vulnerabilities.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment