>

It seems another act of Chinese hackers ,this time they attacked Aligarh Muslim University prestigious Indian educational institution's site.The hackers somehow Amucontrollerexams.com hackedmanaged to add automatic download of their malicious software. We at Shankee.com are the first one to report this.

Aligarh Muslim University is a prestigious educational institution and that has a legacy of its own and is quite well-known through out the world. Thousands of students give the entrance exam for the various courses, and the results are displayed here - amucontrollerexam (warning visiting this site may harm you computer).Read the full report.



When we visited the site google as well as firefox gave us warnings and prevented us from accessing the site. When we tried to know what was the matter we came to know that it was the deed of Chinese hackers. As the software that automatically downloads. We also came to know that site has a good traffic and ranked 360,972 on Alexa which is a really good one.
Here is the copy of report generated by google.com on amucontrollerexams.com

What is the current listing status for amucontrollerexams.com?

Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 2 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 4 pages we tested on the site over the past 90 days, 2 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2009-05-24, and the last time suspicious content was found on this site was on 2009-05-20.

Malicious software includes 3 exploit(s). Successful infection resulted in an average of 1 new process(es) on the target machine.

Malicious software is hosted on 1 domain(s), including hifgejig.cn/.

2 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including traffics-inspector.cn/, silzefos.cn/.

This site was hosted on 1 network(s) including AS36351 (SOFTLAYER).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, amucontrollerexams.com did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?

No, this site has not hosted malicious software over the past 90 days.

How did this happen?

In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

Both the sites traffics-inspector.cn/and silzefos.cn were non-existent or would have been shut down, as they showed traces of availability in the past but have become extinct now.
When we tried to help the site by makng them aware know of such a threat. For this we did a "whois" search for the site, and found that the site's administrator is Umang Bagla. But when we tried to contact him the telephone number didn't worked. Here is the whois result for amucontrollerexams.com -

Registrant:
Umang Bagla umang@twamail.com 915222230911
The Web Artists
1/100, Vivek Khand, Gomti Nagar
Lucknow,Uttar Pradesh,India 226001


Domain Name:amucontrollerexams.com
Record last updated at 2008-07-18 04:06:10
Record created on 2003/5/23
Record expired on 2009/5/23


Domain servers in listed order:
ns3.ecohostnet.com ns4.ecohostnet.com

Administrator:
Name-- Umang Bagla
EMail-: (umang@twamail.com)
tel --: 915222230911
org: The Web Artists
1/100, Vivek Khand, Gomti Nagar
Lucknow,Uttar Pradesh,India 226001

Technical Contactor:
Name-- Umang Bagla
EMail-: (umang@twamail.com)
tel --: 915222230911
org: The Web Artists
1/100, Vivek Khand, Gomti Nagar
Lucknow,Uttar Pradesh,India 226001

Billing Contactor:
Name-- Umang Bagla
EMail-: (umang@twamail.com)
tel --: 915222230911
org: The Web Artists
1/100, Vivek Khand, Gomti Nagar
Lucknow,Uttar Pradesh,India 226001

Conclusion The problem is with the server and not with the site itself, as we found a huge no. of sites hacked on the network.This situatuon must be handled seriouslyas for India it is time to worry . After targeting US , Chinese hackers are moving to other networks. In India as most of the net users are still unaware of the hacks and malicious software. We hope the government acts quickly to verify and configure all such sites and look up for a quarantine to this.

0 Comments:

Post a Comment