United States Postal Service (USPS) has closed a site containing malicious code that was previously used in complex multi-step attack using the exploit kit Blackhole.
Infected site – http://ribbs.usps.gov – which is involved in providing services to USPS for delivery of business-oriented IP address based on the barcode – was struck by the malicious JavaScript. This malicious script redirects the user to the portal intruders through a number of other sites.
Attacked Portal displays an error message “404 Page Not Found”, but actually carried out the spread of malicious code.
The attack on the base load of malware has been primarily focused on the use of security vulnerabilities to install Trojans in the computers of Internet surfers who visit a specific domain USPS, who managed to hack hackers.
Last week, the same Blackhole Exploit kit was used in the attack on the site Music Festival Worldfest Houston (Texas), said the firm Zscaler, offering services cloud security. The same set of exploits Blackhole was seen in the compromised ad music service Spotify late last month.
Zscaler spent a good analysis of the latest attack, discovered on Thursday. With information available on the blog.
No Replies to "Exploit kit Blackhole posted at the U.S. Postal Service"