Finjan provides information on Crimeware toolkit used on Forth Road Bridge website

Finjan, a leader in secure web gateway products, provides more information on the Crimeware toolkit used on the compromised Web site of the Forth Road Bridge.


Forth Road Bridge, a popular tourist and travel attraction in Scotland has been hacked and was serving up malware using code obfuscation techniques.


“The site is operated by the Forth Estuary Transport Authority and it appears it was infected with the Neosploit Crimeware Toolkit.  The exploit used obfuscated Javascript, a trend we identified back in our fourth quarter 2006 Web security trends report,” said Yuval Ben-Itzhak, Finjan’s CTO.


According to Ben-Itzhak, attacks using obfuscated code – and in particular, dynamic obfuscated code – are difficult to spot without advanced Web analysis software installed in the network to protect end-users.


“In order to prevent dynamically obfuscated code and similar types of advanced hacking techniques, we recommend businesses to include real-time content inspection products to analyze and understand the active code embedded within Web pages on-the-fly before it reaches the end user machine,” he said.


“This form of pro-active analysis is carried out by a handful of security applications, including our own business security software. This is because the analysis needs to break the obfuscated code into its constituent segments and interpret what the code segment intends to do, and take appropriate action,” he added.



Comments are closed.