Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
801 Views 3 Replies Latest reply: Feb 22, 2013 7:03 AM by btlyric RSS
Jon Scholten McAfee SME 857 posts since
Nov 3, 2009
Currently Being Moderated

Feb 21, 2013 5:51 PM

NBC site attacked - using suspicious iframe as attack vector

Hey All,

 

Apparently the NBC site has been attacked and some malcious code has been placed on their web page.

 

More information can be found here:

http://www.zdnet.com/nbc-com-hacked-briefly-compromised-with-redkit-malware-7000 011636/

and here:

http://blog.sucuri.net/2013/02/nbc-website-hacked-be-careful-surfing.html

 

There is a malicious iframe that is being used as the attack vector. The URLs that I found on the site (within the iframe) were categorized by trustedsource by the time I got to them.

 

I was however able to create a rule in MWG to remove iframes for sites in a given list, see screenshot below. Please keep in mind using the HTML opener can be a performance hit. This rule may need to be refined for production use and may produce false positives:

 

nbc_2013-02-21_174655.png

 

Just thought I'd share in case someone else read the news.

 

Stay safe!

 

Best,

Jon

More Like This

  • Retrieving data ...

Bookmarked By (0)