Tibet attack Trojan identified

By Shaun Nichols on Apr 12, 2008 6:37AM
Add techpartner.news As Your Trusted Source
Tibet attack Trojan identified
A pair of researchers are reporting that the 'Fribet' Trojan has spread among users by embedding itself in pro-Tibet websites by way of an SQL injection and then exploiting a browser vulnerability to remotely install and execute.

McAfee researchers Shinsuke Honjo and Geok Meng Ong reported on a company blog posting that the Trojan not only gives the attacker the ability to remotely control and perform installations on infected PCs, but it also provides the ability to receive SQL instructions.

This, the researchers say, can allow the attacker to use infected machines to host other web exploits.

"This Trojan apparently can be used as an alternate to SQL Injection attacks, but in a more direct way," they wrote.

"Even the administrators of secure websites, protected against common SQL injection attacks, should ensure database backends are equally secure to defend against such a penetration vector."

There are, however, some mitigating factors. At the time of the posting, the server that the infected machines connected to was not active, so computers running the Trojan were not being sent commands.

The researchers also noted that in order to host web exploits on a machine, an attacker would need extensive information on a machine's network configuration and user credentials. Researchers do, however, believe that such information could be obtained through Fribet's info-stealing components.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk

Add techpartner.news as your trusted source

Add techpartner.news As Your Trusted Source
Tags:
attack identified security tibet trojan

Partner Content

Fabric workshops help partners tap into data services demand growth.
Fabric workshops help partners tap into data services demand growth.
Think Technology Australia deliver massive ROI to a Toyota dealership through SharePoint-powered, automated document management
Think Technology Australia deliver massive ROI to a Toyota dealership through SharePoint-powered, automated document management
Have ticket queues become your quiet business risk?
Have ticket queues become your quiet business risk?
AI PCs shift from hype to revenue opportunity for partners
AI PCs shift from hype to revenue opportunity for partners
Why Australia’s Industrial Leaders Are Turning to Dynamic Aspect for Dynamics 365 Business Central
Why Australia’s Industrial Leaders Are Turning to Dynamic Aspect for Dynamics 365 Business Central

Sponsored Whitepapers

Transform how you provision and deliver security and backup—on one platform
Transform how you provision and deliver security and backup—on one platform
Protect the data your business relies on
Protect the data your business relies on
Cut through the SASE confusion
Cut through the SASE confusion
Stay protected as cyber threats evolve
Stay protected as cyber threats evolve
Defend Your Network from the Next Generation of AI Threats
Defend Your Network from the Next Generation of AI Threats

Events

Pipeline 2026: Game Changers
Pipeline 2026: Game Changers
Channel Meets: Security - Gold Coast
Channel Meets: Security - Gold Coast
techpartner.news MSP index - Brisbane
techpartner.news MSP index - Brisbane
techpartner.news Winter Ball featuring the 2026 Impact Awards
techpartner.news Winter Ball featuring the 2026 Impact Awards

Most read articles

HamiltonJet partners with digital services provider Fortude

HamiltonJet partners with digital services provider Fortude
SentinelOne signs distribution agreement with Sektor

SentinelOne signs distribution agreement with Sektor
Rapid7’s new SIEM combines exposure management with threat detection

Rapid7’s new SIEM combines exposure management with threat detection
Bluechip Infotech enters final stage of Goodson Imports acquisition

Bluechip Infotech enters final stage of Goodson Imports acquisition

Log in

Email:
Password:
  |  Forgot your password?