All the latest UK technology news, reviews and analysis


Cyber criminals infect Amnesty website to spread Trojan

11 May 2012
Amnesty International Uk front page

Cyber criminals have targeted Amnesty International's UK website, infecting it with hostile malware designed to spread to the site's visitors.

Security firm Websense said it had discovered a remote access Trojan (RAT) running on the charity's site.

The RAT reportedly targeted the same Java WebRoot exploit seen in several recent security scares, including the recent attack on the Israeli Institute for National Security Studies.

Websense said the Trojan had been active between 8 to 9 May, meaning any users who visited the site during the period could be infected.

"Once a user browses to the website the exploit code there is ‘having a go' at the user's machine. If it's successful then the RAT will get installed automatically with no user interaction," a Websense spokesman told V3.

Websense senior manager Carl Leonard warned that the exploit will likely reappear, claiming most companies' online security is ill-equipped to deal with the threat.

"Exploit kits zoom in on vulnerable websites, even ones with good intentions. This compromise is more serious than your average. With a low AV detection rate, Gh0st RAT is a powerful tool that allows backdoor access into infected machines," said Leonard.

"Without the right defences, it might be much more than a charity donation that the malware's authors steal."

Amnesty International confirmed it is aware of the infection and has already taken measures to cleanse its network.

"Yesterday amnesty.org.uk was infected with a piece of malicious code. As soon as we became aware of the infection we worked with our hosting company Claranet to isolate it and remove it as a matter of urgency," an Amnesty International spokesman told V3.

"The problem was resolved by yesterday lunchtime."

The RAT's discovery follows on from widespread warnings within the security community that hackers are becoming more tenacious.

Research from PriceWaterhouseCoopers recently claimed that cyber crime is currently costing the UK billions of pounds each year, predicting the figure will continue to rise until businesses invest in better online security.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson
About

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus
Poll

BYOD vs CYOD vs BYOC poll

Which approach is your firm taking to managing employees' mobile devices?
20%
14%
4%
21%
29%
12%

Popular Threads

Powered by Disqus
Galaxy S5 vs One M8 video review

Galaxy S5 vs HTC One M8 video review

We see which Android contender is best for business

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv33

Data protection: the key challenges

Deduplication is a foundational technology for efficient backup and recovery

rdc2

iPad makes its mark in the enterprise

The iPad can become a supercharged unified communications endpoint, allowing users to enhance their productivity

Mid/Senior level Java Developers - Multiple Roles (Java/J2EE)

Mid/Senior level Java Developers - Java, J2EE/ JEE...

Software Engineer

Software Developer C#/.NET I am currently recruiting...

Marketing Director Contract Central London

Marketing Director Required | Long Term contract | Leading...

Web Application Developers - multiple positions

My client, a bespoke software house in the heart of Devon...
To send to more than one email address, simply separate each address with a comma.