News Stay informed about the latest enterprise technology news and product updates.

Oracle-owned hacked, serves malware to visitors

Visitors to were treated to theBlackHole exploit kit which quietly served malware to Windows users. was compromised and was being used to serve malware to visitors running Windows for a short time Monday. The Oracle-owned site quickly responded to the hack, however, and removed the malware to stop the infections.

Hackers installed a JavaScript code on the open-source database site that redirected visitors and attacked their systems with a BlackHole exploit kit. Because of the kit, the systems of those visiting the site quietly and automatically loaded the JavaScript file.

Security vendor Armorize Technologies discovered the attack early Monday morning. According to Armorize chief executive Wayne Huang  in a blog post, “it exploits the visitor’s browsing platform (the browser, the browser plugins like Adobe Flash, Adobe PDF, etc, Java,…), and upon successful exploitation, permanently installs a piece of malware into the visitor’s machine, without the visitor’s knowledge.”

Armorize also added that “the visitor doesn’t need to click or agree to anything; simply visiting with a vulnerable browsing platform will result in an infection.”

Huang claimed that his team had yet to discover what the goal of the attack was but, typically, attackers install malware to create botnet computers that can be rented out or to steal the victims’ passwords. He also added that he didn’t know how dangerous the infection would be to the systems hit and that it would still be running even after a reboot of the machine.

The middle, redirection site was found to be located in Germany, while the final site that actually housed the malware was located in Sweden.

The Armorize blog also showed a video explaining how the infection spread on the visitors’ machines. It added that only 4 out of 44 vendors on the VirusTotal site could detect the malware.

~Hillary O'Rourke, Contributor

Dig Deeper on Malware, virus, Trojan and spyware protection and removal

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.