While reading a ComputerWorld article on China becoming the world’s malware factory, I came across an interesting reference of a recent attack that occurred in Asia Pacific region but has little coverage on the English media.

Apparently the attacked started in March 06 till March 13 according to Cisco’s Security Center.

What happened is traffic going to http://www.msn.com.tw, tw.msn.com and taiwan.cnet.com were redirected to w w w.dachengkeji.c o m. The hacker(s) apparently managed to compromise a switch in Singapore in order to launch this attack. Malicious codes can then be downloaded to unsuspecting surfers.

According to Cisco, “Full details of the attacks are unclear, but they could be a result of a malicious code outbreak, DNS compromise, non-blind TCP spoofing attacks, or another man-in-the-middle style of attack.”

Preventing such attack may be difficult and the risk is rather high, especially if the hacker is running some sniffing tool to pull sensitive details like login names and passwords. Safest bet is never to use the same password credentials on different web sites.

Advertisements