It's never particularly big news when a site is hacked; it happens millions of times a day, but not always to big sites. Most big sites will normally catch the error, though there are exceptions. Thanks to a Neowin tipster, it seems that Syba's website has been compromised without warning though anti-virus will catch the problem.
The specific variant found on Syba’s page is Trojan.JS/BlacoleREF.W; part of the BlacoleREF virus family. According to Microsoft’s security encyclopedia, it works by loading a hidden IFrame through JavaScript on compromised PCs. It comes in the form of a clientside script, redirecting to a server known as ‘Blackhole’.
It might be difficult to find Blackhole, or Blacole as it’s also called, if you are infected. There are seemingly no common symptoms of the virus, so it goes on a case-by-case basis. Nevertheless, it’s worth thinking about. Regardless, this error has been produced by Windows Defender and AVG, which is shown in the above screenshot.
We have no specifics on when the error began to appear at present, but it could be off-putting for buyers visiting the site. The error seems to stem from the Support & Download side of the Syba site (in other words: the portion of the site you want to avoid), and so far no issues have occurred when reaching the main page. As of yet there has been no acknowledgement of any issue from within the company.
Source: Syba
11 Comments - Add comment