Jump to content


Ameritrade user Alert - Websense

  • Please log in to reply
No replies to this topic

#1 AplusWebMaster



  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 25 May 2007 - 12:09 PM


- http://www.websense.....php?BlogID=127
May 25 2007 ~ "Be careful what you type! Yesterday we noticed that one of the sites our Threatseeker technology was classifying appears to be using a typo-attack to infect users. The site is a typo attack on the real domain “freetrade.com” which is owned by Ameritrade / TD and is an online brokerage site. We are not including the real domain publicly since there is a variety of exploit code on the site, but its one character off the real site. If accessed, and vulnerable, users will be redirected through a variety of encoded JavaScript exploit code that are included with the Web Attacker toolkit. Over the last two days the site has not had a lot of traffic, but has successfully infected more than 200 users... The exploit code loads a Trojan Horse Backdoor which has passwords stealing capabilities..."

(Screenshot available at the URL above.)


Edited by apluswebmaster, 25 May 2007 - 12:10 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...

Member of UNITE
Support SpywareInfo Forum - click the button