Crooks Inject Malicious Java Applet Into FOREX Trading Website


November 30, 2012 By The Vigilant Application Owner

The Register – (International) Crooks inject malicious Java applet into FOREX trading website. FOREX trading Web site Trading Forex was contaminated with a malicious Java applet that is designed to install malware on the systems of visiting surfers, The Register reported November 30. The Web site remained contaminated as of mid-day November 29 according to Websense, the Web security firm that detected the attack. The backdoor planted on Trading Forex is written inVisual Basic.Net and requires the Microsoft’s .NET framework to be successfully installed and running on a victim’s computer. “It’s important to note that there was no exploit involved in this attack but rather a social engineering trick that requires the victim’s involvement – if successful it will allow a backdoor Trojan to run on the victim’s machine,” a senior security researcher at Websense stated. A senior security research manager added: “This injection could deposit malware to the users of this site, possibly opening them up to data stealing. We’re also seeing typosquatting being used here, perhaps ready for a future attack.”

Source: http://www.theregister.co.uk/2012/11/30/forex_trading_website_hack/