Он загружался с русского FTP-сервера, скорее всего, тоже ставшего жертвой взлома. Из-за неправильной конфигурации FTP тот дозволил сторонним лицам поместить вредные файлы на своём хостинге. Компания Opera узнала о заражении 16 ноября, после опубликованного пресс-релиза BitDefender. В качестве временной меры она временно отключила рекламу на сайте.
At least some hours from the main page of a portal http://portal.opera.com were carried out attack drive-by with use eksplojt-paka Blackhole. Harmful script have introduced on a site in the known way - by means of an advertising banner through an extraneous advertising network. In such a way already repeatedly infected sites of the Russian mass-media and many other resources, but portal Opera has suffered for the first time. The code in a banner opened the frame where the harmful content from an external source is loaded. In a case with site Opera the script in.cgi from a site g?????????750.com was loaded, anti-virus company BitDefender informs. With the help eksplojt-paka Blackhole were checked vulnerability on computers of users and, in case of presence of those, the fresh, recently compiled variant зловреда ZBot (Trojan was loaded. Zbot. HXT). It was loaded from the Russian FTP-server, most likely, too the breaking which have become by a victim. Because of wrong configuration FTP that has allowed extraneous persons to place harmful files on the hosting. Company Opera has learnt about infection yesterday, after the publication of press release BitDefender. As a provisional measure it has temporarily disconnected advertising on a site.
Комментариев нет:
Отправить комментарий