Two State Department websites based in Russia have been hacked and appear to be infecting visitors with malware, InfoWorld reports. Particularly compromised was the U.S. Consulate General for St. Petersburg. But by the time Sophos researchers checked the site, the infection had been irradicated. But a review of archived pages revealed the malicious code. As of Thursday, Sophos customers were still being blocked from accessing the St. Petersburg consulate Web server, which is hosted on the stpetersburg.usconsulate.gov and www.stpetersburg-usconsulate.ru domains.
Sophos said the hackers were probably seeking out any vulnerable sites and happened upon the State Dept. sites.
âThe malware writer was looking for vulnerable sites and happened upon that site,â a researcher said. âIt was a malware that allowed for remote access and it also attempted to download additional malware from a remote server.â
Another State site in Russia, the Moscow embassyâs site, is associated with emails disseminating viruses, according to McAfeeâs SiteAdvisor.
âAfter entering our e-mail address on this site ⌠we received two e-mails that contained a virus,â McAfee said in the alert.
Sophos said the hackers were probably seeking out any vulnerable sites and happened upon the State Dept. sites.
âThe malware writer was looking for vulnerable sites and happened upon that site,â a researcher said. âIt was a malware that allowed for remote access and it also attempted to download additional malware from a remote server.â
Another State site in Russia, the Moscow embassyâs site, is associated with emails disseminating viruses, according to McAfeeâs SiteAdvisor.
âAfter entering our e-mail address on this site ⌠we received two e-mails that contained a virus,â McAfee said in the alert.
Leave reply