Comments on: ANI File Exploit Has Connection With Hacked Super Bowl Site http://www.avertlabs.com/research/blog/index.php/2007/03/29/ani-file-exploit-has-connection-with-hacked-super-bowl-site/ Cutting edge security research as it happens....... Mon, 15 Mar 2010 10:26:50 -0500 http://wordpress.org/?v=2.8.3 hourly 1 By: ANI Exploit + SQL injection « Among the Impostors - Cyber Fraud http://www.avertlabs.com/research/blog/index.php/2007/03/29/ani-file-exploit-has-connection-with-hacked-super-bowl-site/comment-page-1/#comment-217097 ANI Exploit + SQL injection « Among the Impostors - Cyber Fraud Thu, 29 Nov 2007 10:42:00 +0000 http://www.avertlabs.com/research/blog/?p=237#comment-217097 [...] It’s an interesting thought to think that one attack compromised 25,000 websites, which in turn could have compromised potentially hundreds of thousands or even millions of remote machines via the ANI payload through XSS. And ultimately, the attackers are still at large. Pretty scary concept when you think about the low level of diversity in open source web applications, making them much more susceptible to attack. Maybe that tiny webapp hole isn’t so tiny after all. [...] [...] It’s an interesting thought to think that one attack compromised 25,000 websites, which in turn could have compromised potentially hundreds of thousands or even millions of remote machines via the ANI payload through XSS. And ultimately, the attackers are still at large. Pretty scary concept when you think about the low level of diversity in open source web applications, making them much more susceptible to attack. Maybe that tiny webapp hole isn’t so tiny after all. [...]

]]> By: ha.ckers.org web application security lab - Archive » ANI Exploit + SQL injection http://www.avertlabs.com/research/blog/index.php/2007/03/29/ani-file-exploit-has-connection-with-hacked-super-bowl-site/comment-page-1/#comment-214294 ha.ckers.org web application security lab - Archive » ANI Exploit + SQL injection Mon, 26 Nov 2007 23:09:08 +0000 http://www.avertlabs.com/research/blog/?p=237#comment-214294 [...] I know we’ve all thought about it, but for some reason this one is hitting a little more than others. Partially because I think we all like to think we are unique and every hack needs to be forensically important. Think about if you were running the Miami Dolphins and you were to see this happen to your site. You’d want answers, and you’d want them now. And then after spending countless hours and tons of resources you’d find that the answer is you were just one hack of 25,000. An interesting website but insignificant in the grand scheme of the attack. [...] [...] I know we’ve all thought about it, but for some reason this one is hitting a little more than others. Partially because I think we all like to think we are unique and every hack needs to be forensically important. Think about if you were running the Miami Dolphins and you were to see this happen to your site. You’d want answers, and you’d want them now. And then after spending countless hours and tons of resources you’d find that the answer is you were just one hack of 25,000. An interesting website but insignificant in the grand scheme of the attack. [...]

]]> By: Computer Security Research - McAfee Avert Labs Blog http://www.avertlabs.com/research/blog/index.php/2007/03/29/ani-file-exploit-has-connection-with-hacked-super-bowl-site/comment-page-1/#comment-61265 Computer Security Research - McAfee Avert Labs Blog Wed, 02 May 2007 21:34:26 +0000 http://www.avertlabs.com/research/blog/?p=237#comment-61265 [...] As for websites, this can be a bit trickier. There are some more clear-cut cases where the website itself is dodgy - warez sites, software-cracks sites, etc. If you’re getting stolen or hacked software, you run the risk of getting more than you bargained for, plain and simple. A website can also be basically innocent, yet still be problematic: Websites need to be protected and patched just like any other machine. Even big websites can be hacked to serve up nasty code to be dumped on you when you come to visit, like in the case of the recent ANI zero-day exploit. [...] [...] As for websites, this can be a bit trickier. There are some more clear-cut cases where the website itself is dodgy – warez sites, software-cracks sites, etc. If you’re getting stolen or hacked software, you run the risk of getting more than you bargained for, plain and simple. A website can also be basically innocent, yet still be problematic: Websites need to be protected and patched just like any other machine. Even big websites can be hacked to serve up nasty code to be dumped on you when you come to visit, like in the case of the recent ANI zero-day exploit. [...]

]]> By: Computer Security Research - McAfee Avert Labs Blog http://www.avertlabs.com/research/blog/index.php/2007/03/29/ani-file-exploit-has-connection-with-hacked-super-bowl-site/comment-page-1/#comment-45438 Computer Security Research - McAfee Avert Labs Blog Mon, 02 Apr 2007 22:04:57 +0000 http://www.avertlabs.com/research/blog/?p=237#comment-45438 [...] There are a huge number of innocent Web sites–hacked by the same group that hacked the Superbowl site–that are hosting a file which exploits an unpatched hole in many recent Windows versions. The file was created in such a way that it can cause a system to download and run malware. [...] [...] There are a huge number of innocent Web sites–hacked by the same group that hacked the Superbowl site–that are hosting a file which exploits an unpatched hole in many recent Windows versions. The file was created in such a way that it can cause a system to download and run malware. [...]

]]> By: luc http://www.avertlabs.com/research/blog/index.php/2007/03/29/ani-file-exploit-has-connection-with-hacked-super-bowl-site/comment-page-1/#comment-44327 luc Sun, 01 Apr 2007 18:15:02 +0000 http://www.avertlabs.com/research/blog/?p=237#comment-44327 AVG also detect it AVG also detect it

]]> By: Chris Mosby at myITforum.com : McAfee Avert Labs Blog - ANI File Exploit Has Connection With Hacked Super Bowl Site http://www.avertlabs.com/research/blog/index.php/2007/03/29/ani-file-exploit-has-connection-with-hacked-super-bowl-site/comment-page-1/#comment-43212 Chris Mosby at myITforum.com : McAfee Avert Labs Blog - ANI File Exploit Has Connection With Hacked Super Bowl Site Fri, 30 Mar 2007 16:34:45 +0000 http://www.avertlabs.com/research/blog/?p=237#comment-43212 [...] Trackback [...] [...] Trackback [...]

]]> By: Jeff http://www.avertlabs.com/research/blog/index.php/2007/03/29/ani-file-exploit-has-connection-with-hacked-super-bowl-site/comment-page-1/#comment-43100 Jeff Fri, 30 Mar 2007 13:58:31 +0000 http://www.avertlabs.com/research/blog/?p=237#comment-43100 http://isc.sans.org/diary.html?storyid=2537 IE7.0 SP2 http://isc.sans.org/diary.html?storyid=2537

IE7.0 SP2

]]>