Thursday, October 30, 2008 12:34 PM
cmosby
Howard University Site Compromise - Websense
Howard University Site Compromise
Date:10.29.2008
Threat Type: Malicious Web Site / Malicious Code
Websense® Security Labs™ ThreatSeeker™ Network has discovered that the official Web site of Howard University has been compromised with malicious code. The Howard University Web site is currently experiencing a large number of visitors, as it is the home page for Howard University students.
Malicious JavaScript code has been inserted into the Student Health page of the site. Browsers that load the site will execute a script from an exploit toolkit known as Neosploit, using known vulnerabilities such as those found in MSXML2.XMLHTTP, ADODB.Stream, and WScript.Shell—each of which downloads and executes a malicious executable file.
We have notified the owner of the site, but the site was still compromised at the time of this alert.
Site screenshot:
Site source screenshot:
Websense Messaging and Web Security Customers are protected against this threat.
Filed under: Security and Anti-Virus, Internet Hacks, Spam\Phishing, Cybercrime