Hackers Attack U.S. Consulate in Russia

Cybercriminals planted malicious code on Web site, has since been fixed.

by / September 13, 2007

It has been reported that Web pages of the U.S. Consulate General in Saint Petersburg, Russia, were compromised by hackers earlier this week. The infected pages have since been cleaned up.

According to IT security firm Sophos, the attack was part of a larger campaign by cybercriminals in which vulnerable web servers were targeted. This resulted in more than 400 Web pages around the world being infected over the last week. The majority of the compromised pages were hosted in Russia.

"This latest attack highlights the fact that no organization is immune from infection, and that no matter what the size of the company, it must defend its Web pages fully to avoid being stung," said Fraser Howard, principal virus researcher at SophosLabs. "The hackers have reeled in a big fish on this occasion and will no doubt be very pleased with their catch of the day. Unfortunately, while high profile sites such as the U.S. Consulate can be cleaned up quickly, we are seeing a dangerous number of companies that are failing to act responsibly to retain the sanctity of their sites."

By retrieving a copy of one of the infected Consulate pages from an internet cache, Sophos experts were able to identify that the cybercriminals had planted malicious code known as Mal/ObfJS-C, that then attempted to load further malware from a remote server. This malware includes an additional malicious script that attempts to exploit several browser vulnerabilities in order to install a Trojan horse that could be used to steal business critical data and personal details.

Platforms & Programs