Cyber criminals infect Amnesty website to spread Trojan

Cyber criminals have targeted Amnesty International's UK website, infecting it with hostile malware designed to spread to the site's visitors.

Security firm Websense said it had discovered a remote access Trojan (RAT) running on the charity's site.

The RAT reportedly targeted the same Java WebRoot exploit seen in several recent security scares, including the recent attack on the Israeli Institute for National Security Studies.

Websense said the Trojan had been active between 8 to 9 May, meaning any users who visited the site during the period could be infected.

"Once a user browses to the website the exploit code there is ‘having a go' at the user's machine. If it's successful then the RAT will get installed automatically with no user interaction," a Websense spokesman told V3.

Websense senior manager Carl Leonard warned that the exploit will likely reappear, claiming most companies' online security is ill-equipped to deal with the threat.

"Exploit kits zoom in on vulnerable websites, even ones with good intentions. This compromise is more serious than your average. With a low AV detection rate, Gh0st RAT is a powerful tool that allows backdoor access into infected machines," said Leonard.

"Without the right defences, it might be much more than a charity donation that the malware's authors steal."

Amnesty International confirmed it is aware of the infection and has already taken measures to cleanse its network.

"Yesterday amnesty.org.uk was infected with a piece of malicious code. As soon as we became aware of the infection we worked with our hosting company Claranet to isolate it and remove it as a matter of urgency," an Amnesty International spokesman told V3.

"The problem was resolved by yesterday lunchtime."

The RAT's discovery follows on from widespread warnings within the security community that hackers are becoming more tenacious.

Research from PriceWaterhouseCoopers recently claimed that cyber crime is currently costing the UK billions of pounds each year, predicting the figure will continue to rise until businesses invest in better online security.