The Notebook Review forums were hosted by TechTarget, who shut down them down on January 31, 2022. This static read-only archive was pulled by NBR forum users between January 20 and January 31, 2022, in an effort to make sure that the valuable technical information that had been posted on the forums is preserved. For current discussions, many NBR forum users moved over to NotebookTalk.net after the shutdown.
Problems? See this thread at archive.org.

    Asus Web site harbors threat

    Discussion in 'Asus' started by adangola, Apr 11, 2007.

  1. adangola

    adangola Notebook Enthusiast

    Reputations:
    0
    Messages:
    26
    Likes Received:
    0
    Trophy Points:
    5
    Sorry if this was already posted, did a search and didn't find anything relating to this.

    http://news.com.com/2061-10789_3-6174221.html

    Asus Web site harbors threat
    April 6, 2007 4:39 PM PDT
    del.icio.us Digg this
    It is not such a Good Friday for ASUStek Computer.

    The main Web site of the Taiwanese hardware maker, known for its Asus branded PCs and motherboards, has been rigged by hackers to serve up malicious software that attempts to exploit a critical Windows flaw, security experts said Friday.

    The attackers added an invisible frame, a so-called iframe, to the front page of the Asus.com Web site. When visiting the site, a victim's browser will silently connect to another Web site that tries to install a malicious program.

    "We've just confirmed multiple reports about Asus.com, a very well known hardware manufacturer, being compromised," a researcher with Kaspersky Lab wrote on the company's Viruslist.com site.

    The SANS Internet Storm Center, which monitors network threats, also confirmed the hack. However, the malicious code the ISC found did not attempt to exploit the Windows cursor hole for which Microsoft rushed out a patch this week. Kaspersky said the nefarious code it found did.

    David Ray, a spokesman for Asus in the U.S., could not confirm if the company's main Web site had been hacked. However, he noted that the U.S. sub site appeared fine.

    Cybercrooks often hack trusted sites to deliver nasty software that typically logs keystrokes and lets attackers remotely control commandeered PCs. A recent incident involved the site for the Miami Dolphins stadium, days before the Super Bowl was held there. Microsoft's MSN Korea site has also been hacked in a similar way.

    The recent Windows vulnerability related to animated cursor files is being exploited widely, experts have said. A PC can be compromised when the user simply surfs to a malicious site or views a rigged e-mail.
     
    adangola, Apr 11, 2007
    #1
  2. coriolis

    coriolis Notebook Nobel Laureate

    Reputations:
    2,319
    Messages:
    14,119
    Likes Received:
    1
    Trophy Points:
    455
    Yeap, it was attacked and that was there for about an hour, then it was quickly fixed.
     
    coriolis, Apr 11, 2007
    #2