Alerts
Syrian Embassy Of London Compromised
Date:09.25.2007
Threat Type: Malicious Web site / Malicious Code
Websense® Security Labs™ has discovered that the official site of the Syrian Embassy in London has been compromised.
Syrian Embassy Homepage:
The site www.syrianembassy.co.uk contains three unique iframes that direct visitors to malicious Web sites. The iframes use various techniques to evade detection, including Javascript Obfuscation. The iframes point to hosts in the United States, Malaysia, and the Ukraine. The Mpack attack toolkit is hosted on one of these sites and attempts several exploits depending on OS, browser, and plugin versions. The end result is that two Trojan Downloaders are dropped on visitors' computers from two of the iframes.
Obfuscated iFrame #1:
