Paris Hilton's site is serving up an unexpected surprise, according to Robert McMillan of the IDG News Service. The hacked site attempts to infect visitors with a Trojan in what sounds like a classic drive-by-download attack. As of yesterday, the site was still attacking visitors, and you shouldn't attempt to visit the site yourself.If you read the listing of the most dangerous security myths, then you'll recognize this as just the latest example of why you can't stay safe online simply by avoiding suspicious sites (and while the non-hacked Parishilton.com might prove dangerous to your IQ, it won't usually hurt your PC). No word on just how the site may have been compromised, but hackers typically exploit software flaws with database input fields or homegrown applications to insert their own malicious, hidden code on otherwise benign sites.
Happen across a site infected with such code, and you may suffer an attack without ever knowing it. In this case, McMillan says you'd see a pop-up prompting you to download additional software to view the site, but whether you click yes or no the attack code will attempt to download a Trojan onto your PC.
No comments:
Post a Comment