Security company Websense has issued an advisory stating that attackers had apparently broke into the Website of telecommunications company Samsung, infecting certain segments of the site with a Trojan horse. Websebse added that perhaps the site has been infected for some time.
In an advisory Websense said, “The most current code, which is still available for download, is a Trojan Horse that attempts to disable anti-virus programs, modify registry keys, download additional files, and log keystrokes when connecting to banking websites.”
Though the Trojan is dangerous; it requires user interaction in order for it to be installed onto the computer. Websense felt that those infected were being tempted to the site through instant messaging or e-mail links.
Websense has cautioned Samsung of the problem, but as of Friday morning the code was still accessible on the site. The fact that the malware is coming from a reputable source’s actual Website, rather than some faked version, is a greater concern for researchers.
More and more security experts have been warning users to only trust information and content on sites they know and trust. But when hackers compromise known sites, it puts many users at serious risk for infection as most would not think the content they’re downloading would be malicious.
Experts claim that incidents like the hack of the Samsung Web site are on the rise. Attacks are likely to begin to appear in seemingly benign places, Symantec Security Response director David Cole warned in his blog this week.