PetaPixel

Nikon Rumors Site Attacked Days After Cinema5D’s Hacker Woes

If you tried to visit the Nikon Rumors site this morning, you’ve probably gotten an error message. According to the Google information, 47 pages from the site were tested over the last three months, and one page resulted in malicious software downloaded and installed without user consent. It appears that the site was flagged for that content yesterday. Yikes.

Another camera-related site, Cinema5D was attacked last weekend. Sebastian Wöber of Cinema5D wrote that primarily users running older browsers, particularly PC users running IE6 or users who downloaded Java or PDF apps were at risk of malware.

It’s unclear why these photo-related sites were attacked, but it’s a good idea to run a virus check if you frequent either of the sites, especially if you are in the at-risk group. Sophos has more information about the attack, which is common to sites running OpenX ad servers, here.


 
  • http://twitter.com/Edopeno Ed Penano

    Does this affect iPhones? I surfed via my iPhone and wanted to know what its affects would be.

  • Rw

    “malicious software downloaded and installed without user content”. It’s “consent” not “content”.

  • http://www.petapixel.com Michael Zhang

    Thanks Rw

  • Guest

    surely there has to be more to it than they were running “older” browsers.

    but then who cares about the technical details of these stories.

  • Anonymous

    Seems like Mac OS computers were okay. Not 100% sure about iPhones.

  • Anonymous

    Cinema5D has more technical info specific to their infection.
    http://www.cinema5d.com/news/?p=4511

  • Idrifter

    Now that’s just plain silly. Why don’t they pick on Sony or Pentax.;)

  • Rainbow

    I visited NikonRumors yesterday(~GMT 12:10, Aug. 26), and got a warning message from Norton AntiVirus.
    According to Norton, this type of malware is “HTTP Phoenix Toolkit Java Class Activity”
    (http://www.symantec.com/business/security_response/attacksignatures/detail.jsp?asid=23752)

    The IP address of attacker is 79.135.152.219