Download Site of China.com Compromised
Threat Type: Malicious Web Site / Malicious Code
Websense® Security Labs™ ThreatSeeker™ Network has discovered that the download site under china.com has been compromised. Malicious code has been inserted into the homepage of the site. This code has been changing over the course of last week, leading to different exploit sites. The exploits target Yahoo! Messenger, Adobe Flash, Real Player, and MS office.
China.com is one of the largest and highly-reputed portal sites in China, providing broad services including social networking, forums, online TV, news feeds and so on.
At the time of posting this alert, the site is clean. Websense will continue to monitor this threat.
Screenshot of the infected site:
Screenshot of malicious code:
Screenshot of malicious code from last week:
Websense Messaging and Websense Web Security customers are protected against this attack.