main
Report a problem

Trend Micro Suffers Web Attack

Sagittarius   on 15 March 2008 - 18:30 · 19 comments & 13894 views

Advertisement (Why?)
Of the more than 20,000 web pages affected by a massive internet attack which started earlier this week, security vendor Trend Micro's site was among the victims, embarassing as it may be. Infected sites attempt to install password-stealing programs with a special affinity for online video games onto viewers' computers. Mike Sweeny, a Trend Micro spokesman confirmed that the company's site had been hacked Thursday: "A portion of our site -- some pages were attacked," he said. "We took the pages down overnight Tuesday night -- and took corrective action." Although researchers are still puzzled as to how the attacks took place, the use of Microsoft's Active Server Page (ASP) technology seems to be a common trend among infected sites.

Thanks for the news tip, Choto Cheeta!

View: Full Story on Infoworld

Share this Article

  • Technorati
  • Magnolia
  • Stumble upon it
  • Reddit
  • Blink List
  • Delicious
  • Slashdot
  • Furl
  • Facebook
  • Windows Live
  • Google
  • Newsvine
  • Yahoo
  • RawSugar
  • Netvouz

About the Author

Full name: Unknown
User name: Sagittarius
Contact: via forum PM
Submissions: View All
More: View Bio   New!

Related news

 

Post a comment · Send to friend Comments · There are 19 additional comments
(1 reply) #1 XeonBuilder on 15 Mar 2008 - 20:00
Although researchers are still puzzled as to how the attacks took place, the use of Microsoft's Active Server Page (ASP) technology seems to be a common trend among infected sites.


Nice way to pass the buck...
#1.1 vetmarkjensen on 15 Mar 2008 - 22:59
(XeonBuilder said @ #1)
Nice way to pass the buck...
Ummm... Trend Micro didn't "pass the buck", as you put it. Read the article. That statement was part of an observation by McAfee.

The Neowin summaries are often just the tip of the information iceberg, so to speak. You learn a lot more by following the link and reading the source article. Plus, it helps prevent you from jumping to incorrect conclusions.
(1 reply) #2 funkymunky on 15 Mar 2008 - 20:09
The top "hackers" seem to be extremely clever...

But all this so they can get WOW usernames and passwords??
#2.1 +acxz on 15 Mar 2008 - 20:14
One person finds the exploit, the rest are script kiddies. WoW is what they do.
#3 Choto Cheeta on 15 Mar 2008 - 20:15
If you please visit the mcafee posted video explanation page, you may see not just your Windows credentials, they target to infect an web URL tracker, a keylogger as well as the trojan unloader for collecting the data !!
(2 replies) #4 buletov on 15 Mar 2008 - 20:45
Talking about Trend Micro... everyone please visit:
http://www.scriptumlibre.org/Boycott_Trend_Micro
#4.1 tiagosilva29 on 16 Mar 2008 - 10:17
I thought about the same thing.
#4.2 imis on 17 Mar 2008 - 20:13
(tiagosilva29 said @ #4.1)
I thought about the same thing.

+1
(1 reply) #5 n_K on 15 Mar 2008 - 23:12
"Microsoft's Active Server Page (ASP) technology seems to be a common trend among infected sites"
What I've been saying for years... Oh and PWNT. Go well together really
#5.1 toadeater on 16 Mar 2008 - 06:56
(n_K said @ #5)
"Microsoft's Active Server Page (ASP) technology seems to be a common trend among infected sites"
What I've been saying for years... Oh and PWNT. Go well together really


That is a misprint. It is supposed to read:

Microsoft's technology seems to be a common trend among infected sites.
#6 timbo3 on 16 Mar 2008 - 00:09
Remember Webattack? They're still around, it's called snapfiles now.

/Reminds me of the good old TechTV days.
#7 excalpius on 16 Mar 2008 - 05:04
FTA "The JavaScript attack code hosted on these infected Web sites takes advantage of bugs that have already been patched, so users whose software is up-to-date are not at risk."
(2 replies) #8 prince_niceguy on 16 Mar 2008 - 06:37
when they will realise to start using php, jsp ... anything on IIS gets attacked... try getting the same on apache, tomcat etc...
#8.1 n_K on 16 Mar 2008 - 09:18
(prince_niceguy said @ #
when they will realise to start using php, jsp ... anything on IIS gets attacked... try getting the same on apache, tomcat etc...

Humm, maybe you should check http://www.apache.org/dist/httpd/CHANGES_2.0 & front page first post on www.php.net ?
#8.2 prince_niceguy on 17 Mar 2008 - 02:28
(n_K said @ #8.1)
(prince_niceguy said @ #
when they will realise to start using php, jsp ... anything on IIS gets attacked... try getting the same on apache, tomcat etc...

Humm, maybe you should check http://www.apache.org/dist/httpd/CHANGES_2.0 & front page first post on www.php.net ?


do we have something like this for IIS??? oh!!! MS does not publish it.. may be????
(3 replies) #9 theyarecomingforyou on 17 Mar 2008 - 14:40
Things like this make me laugh at all the people saying "I don't need an anti-virus because I know how to use a computer and I don't visit dodgy sites".
#9.1 prince_niceguy on 17 Mar 2008 - 16:56
(theyarecomingforyou said @ #9)
Things like this make me laugh at all the people saying "I don't need an anti-virus because I know how to use a computer and I don't visit dodgy sites".


I don't need an anti-virus and I do visit dodgy sites...why... you guessed it right... use *nix flavor of OS and you will be always grateful to yourself for the switch...
#9.2 SimNet on 17 Mar 2008 - 17:00
Not smart to say that in this situation

because those people don't even go on Trend Micro and i'm one of them.

I dont have any AV, no viruses, no nothing. 100% gurantee, willing to test that if i run norton right now with all updates and it will give u 0 viruses.


So saying "I don't need an anti-virus because I know how to use a computer and I don't visit dodgy sites"

is still valid because that would aek sense if Neowin got hacked and a virus cmae, then you cuold say that, but Trend Micro is a virus/av/etc associated site so u wouldnt be going there anyways.


So now, I laugh at you, as you sit in the corner like this:

#9.3 Tha Bloo Monkee on 17 Mar 2008 - 17:05
(theyarecomingforyou said @ #9)
Things like this make me laugh at all the people saying "I don't need an anti-virus because I know how to use a computer and I don't visit dodgy sites".

That's nice.

Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!

Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.

Advertisement (Why?)
News powered by Neowin Management System (Build - 5.0.1387) © 2000 - 2008 Neowin.net