AEC Website compromised

whzzz28 (Nathan) · #1 04-08-2013, 03:28 PM

Was visiting AEC's website today and noscript blocked a script from running followed by MSE advising of a trojan.

Appears AEC's website has been infected by a JS drop trojan (BlacoleRef.dd), hiding down the bottom of the menus.js file (obfuscated of course).
More info here: http://www.microsoft.com/security/po...47680196#tab=1

So if you have visited the AEC website lately, i suggest doing a virus scan on your system.

I have advised Claude so hopefully it will be resolved soon.

Leon_AEC (Leon) · #2 16-08-2013, 10:51 AM

Hi All,

The server the website was on was infected, that is to say the infection was uploaded directly to the iiNet server not from infected files on our end. We took the website offline while we checked our systems - no infections on our side, so it was definetely a problem with our IP's server.

Thank you to everyone who let us know about the virus warnings they received.

The website is back up.

Leon
Astronomy & Electronics Centre

Nikolas (Nik) · #3 16-08-2013, 11:28 AM

here I was thinking it was the
australian Electoral commission!!!