June 18th, 2006
Google pages hosting malicious code, Microsoft gets defaced
[Updated 9:50PM] Websense is reporting that Google pages has been hacked and is hosting malicious Trojan code for people to download. [Update: A Google representative has informed me that Google pages was not hacked. What happened was that some Google pages members deliberately uploaded malicious code on to the Google hosting service. Google's response is to remove these malicious pages when notified but they are working on a more permanent solution. My apologies to Google for my misunderstanding.] Websense reports: "The file is packed with ASPack and is a banking Trojan Horse which is designed to steel banking credentials upon visiting pre-defined financial institutions sites." This is particularly dangerous since the exploit code is coming from a reputable location which lends a lot more trust. Downloading and installing this exploit code from Googlepages puts your finances at risk. [Update: In fairness to Google, they are acting as a free web hosting company and it's the users creating the malicious content. The same thing could happen with any hosting service though it's less likely since payments had to be made before a site can be hosted and the owner is a little easier to track. A free web hosting service like Google pages may lend itself to this sort of malicious activity so it will be interesting to see what Google will do about this in the long term.]
In a slightly less embarrassing incident but non related issue, it would seem that the experts at Microsoft France weren’t so smart because experts.microsoft.fr was defaced over the weekend. This particular hack was meant to be announced to the world because they posted themselves on to the Zone-H cybercrime archive. No malicious code was being hosted in this incident.
George Ou is Technical Director of ZDNet. See his full profile and disclosure of his industry affiliations.
