Dutch News site spread Malware on 100000 Computers
The Hacker News


Dutch popular news site NU.nl appears to be serving Java exploit (drive-by malware) to users of IE. Nu.nl has approximately one hour long served the Javascript code that attempted to provide visitors to the news site with a trojan to infect. The attackers made use of servers in India which an exploit kit was placed.

The Ministry of Security and Justice issue a warning for malware yesterday by Nu.nl estimated to have infected 100,000 computers. Erik Loman, developer at security firm SurfRight, made ​​known on Twitter on the front page of the news javascript code 'g.js' was blocked. The code triggered by Loman a nuclear exploit pack on a web server in India was placed.
UPCOMING WEBINAR
Cracking the Code: Learn How Cyber Attackers Exploit Human Psychology

Ever wondered why social engineering is so effective? Dive deep into the psychology of cyber attackers in our upcoming webinar.

Join Now

The exploit script checked the browser and common plugins like Flash and Adobe Reader security hole. If an exploit was found, the server sent the Sinowal-malware, a trojan of Russian origin, which is continuously updated and attempts to steal bank details.

Officials at Nu.nl said that an account for the content management system Wednesday 'has fallen into the wrong hands. They confirm that the malware has been deleted now, Also new login information was distributed to managers and editors.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.