Oracle-owned hacked, serves malware to visitors


Oracle-owned hacked, serves malware to visitors Staff was compromised and was being used to serve malware to visitors running Windows for a short time Monday. The Oracle-owned site quickly responded to the hack, however, and removed the malware to stop the infections.

Hackers installed a JavaScript code on the open-source database site that redirected visitors and attacked their systems with a BlackHole exploit kit. Because of the kit, the systems of those visiting the site quietly and automatically loaded the JavaScript file.

Security vendor Armorize Technologies discovered the attack early Monday morning. According to Armorize chief executive Wayne Huang  in a blog post, “it exploits the visitor’s browsing platform (the browser, the browser plugins like Adobe Flash, Adobe PDF, etc, Java,…), and upon successful exploitation, permanently installs a piece of malware into the visitor’s machine, without the visitor’s knowledge.”

Armorize also added that “the visitor doesn’t need to click or agree to anything; simply visiting with a vulnerable browsing platform will result in an infection.”

Huang claimed that his team had yet to discover what the goal of the attack was but, typically, attackers install malware to create botnet computers that can be rented out or to steal the victims’ passwords. He also added that he didn’t know how dangerous the infection would be to the systems hit and that it would still be running even after a reboot of the machine.

The middle, redirection

Continue Reading This Article

Enjoy this article as well as all of our content, including E-Guides, news, tips and more.

By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Safe Harbor

site was found to be located in Germany, while the final site that actually housed the malware was located in Sweden.

The Armorize blog also showed a video explaining how the infection spread on the visitors’ machines. It added that only 4 out of 44 vendors on the VirusTotal site could detect the malware.

~Hillary O'Rourke, Contributor