Paris Hilton's Web site used in Web attack
IDG News Service - Paris Hilton's Web site has been hacked and is serving visitors a malicious Trojan program designed to steal sensitive information from their computers.
The hack was discovered by security vendor ScanSafe, which said that Parishilton.com (Note: This site is not safe to visit as of press time) had apparently been compromised since Friday. Visitors to the site are presented with a pop-up window urging them to download software in order to enhance their viewing of the site. Whether they click "yes" or "no" on this window, the site then tries to download a malicious program, known as Trojan-Spy.Zbot.YETH, from another Web site.
"The pop-up points to a directory on that Web site; that's where the malware is being loaded from," said Mary Landesman, a security researcher at ScanSafe. Once installed, the Trojan steals online information and tries to install more malicious software on the victim's computer.
Landesman believes thousands of other Web sites may also be serving up this variant of the attack her firm uncovered. However, Parishilton.com, the celebrity's official Web site, is the best-known target. "The big thing with Paris Hilton is the number of visitors that she gets," Landesman said. "It's always doubly concerning when we see a high-profile Web site get compromised."
To make things worse, most antivirus products are not identifying the Trojan program being served by Parishilton.com. On Monday afternoon, only 12 of the 37 vendors tested by VirusTotal identified the Trojan.
Reprinted with permission from
Story copyright 2009 International Data Group. All rights reserved.
Paris Hilton's Web site has been hacked and is serving visitors a malicious Trojan program designed to steal sensitive information from their computers.
Additional Resources



White Papers & Webcasts
Death to PST Files
Download Now
The Tangled Web: Silent Threats & Invisible Enemies
Download Now
Tape Killed the IT Guy
Watch Now
Forrester Consulting Mobility Study: Taking Control of Enterprise Mobile Device Diversity
Download Now
BRM: What You Can Do To Reduce Risk In Challenging Times
Watch this webcast now!
What IT Must Do to Support Employee-Owned BlackBerry, iPhone and Android Mobile Devices
Download Now
Web 2.0, Social Media and the Dark Web - A Web Criminals Paradise?
In this discussion, learn about the challenges of protecting your users from the potentially unsafe content hidden in the "Dark Web".
eGuide: Enterprise Security
Smart Security Strategies for 2010. Read now!
Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...

