Tuesday, January 31, 2006

Rant: Exploits from AMD?

What a bunch of nutcase. At least make sure your site is safe for crappola's sake. What a great way to spread over exploits to your visitors.
Image owned by F-Secure. As usual, click for larger image.
We're not sure what's going on in here, but there's something wrong at AMD's user discussion forum, located at forums[dot]amd[dot]com.

If you visit the site (and please don't visit it right now), you get a WMF exploit sent to you right from the front page.

When inspecting the source code, you'll see that at the bottom of the HTML is an encoded IFRAME directive:

When decoded, that translates to http[colon]//toolbardollars[dot]biz/dl/adv586.php.

How did it end up on the AMD site? We have no clue. But we have informed relevant people, so hopefully this will be resolved soon.


No comments: