Liquid 2
09-08-2006, 10:23 PM
Samsung's website remains compromised
According to several reports, Samsung's Telecom website has been playing host to a number of key-logging trojans (http://www.zdnet.com.au/news/security/soa/Samsung_Web_site_hosts_password_stealing_trojan/0,130061744,339270922,00.htm), of which the company itself was unaware of. Security experts at Websense reported that it had informed Samsung of the breach but even today, Samsung has yet to remove the offending files from the website.
The trojan, said Joel Camissar of Websense, was able to log keystrokes and disable anti-virus applications. Visitors to Samsung's website are at risk to having their passwords stolen as well as other critical information such as financial data -- banking passwords, account numbers, etc.
Websense says that Samsung's webservers were compromised and since then have hosted a number of trojans. Security experts have also been saying that new web technologies such as AJAX have vulnerabilities that allow hackers to craft malicious code, modifying the websites directly from a remote location. Samsung was contacted by Websense as well as ZDnet but unfortunately the company has not responded to either.http://www.dailytech.com/article.aspx?newsid=4107
Those must be some pretty damn sneaky trojans to be able to get on to a companies website unnoticed.
According to several reports, Samsung's Telecom website has been playing host to a number of key-logging trojans (http://www.zdnet.com.au/news/security/soa/Samsung_Web_site_hosts_password_stealing_trojan/0,130061744,339270922,00.htm), of which the company itself was unaware of. Security experts at Websense reported that it had informed Samsung of the breach but even today, Samsung has yet to remove the offending files from the website.
The trojan, said Joel Camissar of Websense, was able to log keystrokes and disable anti-virus applications. Visitors to Samsung's website are at risk to having their passwords stolen as well as other critical information such as financial data -- banking passwords, account numbers, etc.
Websense says that Samsung's webservers were compromised and since then have hosted a number of trojans. Security experts have also been saying that new web technologies such as AJAX have vulnerabilities that allow hackers to craft malicious code, modifying the websites directly from a remote location. Samsung was contacted by Websense as well as ZDnet but unfortunately the company has not responded to either.http://www.dailytech.com/article.aspx?newsid=4107
Those must be some pretty damn sneaky trojans to be able to get on to a companies website unnoticed.