Compromised Jerusalem Center for Public Affairs site is passing on odd spyware to visitors.
The website of a respected Israel-based foreign policy institute -- the Jerusalem Center for Public Affairs -- has been infected with code that is trying to steal bank account information from visitors.
The campaign looks like an “advanced persistent threat-style attack” devised to siphon intelligence from government officials browsing the site, but “the threat is ultimately designed to pilfer banking credentials,” Kaspersky Lab reports.
The cyber strike against the think tank is part of a larger operation. Users who visit are redirected through a chain of seemingly innocuous sites affiliated with the music industry and law firms. Ultimately, users are led to a malicious server located in Russia.
Kaspersky says it “attempted to reach out to the JCPA, but attempts to access their website and contact information failed as the site unsuccessfully tried to infect our machines with malware.”
Computer users are targeted through a series of Java and Internet Explorer security holes. The malware dropped inside their machines, bizarrely, also contains a link to a Wheat Thins advertisement. It’s possible the hackers are conducting some advertising fraud on the side, by enticing victims to click on the link, thereby generating ad revenue.
Read the rest at ThreatWatch, Nextgov’s regularly updated index of cyber breaches.
And find out even more on “NG Cybersecurity,” our new iPhone app.