Two research firms involved, detected and attributed the attack to the Chinese. They describe the attack as using multiple zero day vulnerabilities.
The hackers tinkered with the Adobe Flash widget that delivers the Thought of the Day page that visitors to Forbes.com are taken to when they visit the site. The attackers did this to send specially-chosen visitors to a hacker-controlled site that would serve up an exploit against a zero-day vulnerability in Flash and, if it was needed, another flaw in Microsoft Internet Explorer.
Malware that sought to acquire basic system information from victims’ machines could then potentially have been downloaded on targets’ systems. The malware would attempt to download itself after visitors hit the Forbes.com site.
Forbes describe the attack as: “Anyone who was running on any Windows OS above XP and using browsers other than Internet Explorer should have been safe, though targets using other systems could have been affected.”
There haven’t been any reported cases of successful exploitation, though they could exist.
How secure is your site from hackers?
Regardless of the size of your law firm, or your website, your site could be vulnerable. This may be the time to take a deep interest in your site security as a general approach to helping protect your site visitors and your investment.
For assistance, training or consultation with your internet marketing, call 800-569-8279
