Fergie wrote: > Websense® Security Labs¢ has discovered malicious code hosted on a > government body's official Web site. The victim is Comisión Federal de > Telecomunicaciones, a division of Mexico's government (equivalent of the > FCC in the United States). > > The main page of this Mexican government Web site does not contain anything > malicious. However, when a user visits http://prospectiva.cft.gob.mx/, an > .scr file is downloaded. After execution, the .scr file drops a > suspiciously named executable into the Windows startup directory for all > users.
Not the first time this site was hit recently either -- in fact, the currently cached copy of their home page at Google is a case in point... http://64.233.167.104/search?q=cache:VIj_u3bldEAJ:prospectiva.cft.gob.mx /indexcakal.html+http://prospectiva.cft.gob.mx/ Regards, Nick FitzGerald _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
