Friday, December 30, 2011

Amnesty International UK compromised, serving exploits and malware

Researchers from Barracuda Labs have detected a drive-by malware campaign currently embedded at the web site of Amnesty International UK.

Based on historical data, the researchers conclude that the compromise took place on, or before Friday, December 16.

Once users visit the site, a malicious script will load from 3max[.]com serving CVE-2011-3544.

Detection rate for the malicious payload is low.

UPDATE: Emerson Povey from Amnesty International comments:

We have been working with our hosting service to resolve the problem. They have cleaned both servers, rebooted, and removed the script. At 2pm today they confirmed that the issue is now resolved.

brian wilson|carolina panthers|the thing|donovan mcnabb|groupon

No comments:

Post a Comment