Asus Web site harbors threat
It is not such a Good Friday for ASUStek Computer.
The main Web site of the Taiwanese hardware maker, known for its Asus branded PCs and motherboards, has been rigged by hackers to serve up malicious software that attempts to exploit a critical Windows flaw, security experts said Friday.
The attackers added an invisible frame, a so-called iframe, to the front page of the Asus.com Web site. When visiting the site, a victim's browser will silently connect to another Web site that tries to install a malicious program.
"We've just confirmed multiple reports about Asus.com, a very well known hardware manufacturer, being compromised," a researcher with Kaspersky Lab wrote on the company's Viruslist.com site.
The SANS Internet Storm Center, which monitors network threats, also confirmed the hack. However, the malicious code the ISC found did not attempt to exploit the Windows cursor hole for which Microsoft rushed out a patch this week. Kaspersky said the nefarious code it found did.
David Ray, a spokesman for Asus in the U.S., could not confirm if the company's main Web site had been hacked. However, he noted that the U.S. sub site appeared fine.
Cybercrooks often hack trusted sites to deliver nasty software that typically logs keystrokes and lets attackers remotely control commandeered PCs. A recent incident involved the site for the Miami Dolphins stadium, days before the Super Bowl was held there. Microsoft's MSN Korea site has also been hacked in a similar way.
The recent Windows vulnerability related to animated cursor files is being exploited widely, experts have said. A PC can be compromised when the user simply surfs to a malicious site or views a rigged e-mail.