Symantec’s Security Response Weblog provides an excellent analysis of how hackers can exploit a vulnerability to hack your PC. The server in question has, over time, hosted at least ten variants of malicious code (malware) used to attack connecting PCs. Symantec:

Clearly this piece of malware attempts to cover its bases pretty well in terms of market coverage. However, on closer inspection we have also found that the server appears to be misconfigured, as a result the client detection and exploit selection code is appended to everything that the server serves up–HTML, data, and binary files included. As a result, clients receiving the content may behave unpredictably in many cases, causing browser crashes. Perhaps the quality control department must have had a bad day at the office in this operation.

This underlines two big problems with internet security in China:

- There are a lot of small web sites out there whose sole purpose seems to be to distribute malware

- Poor server administration worsens the problem as sites are hacked to become distributors of malware and the administrators seem to be unaware or unconcerned

There really aren’t any quality control departments, that’s the problem.

ShareThis