The website for Indian antivirus vendor AvSoft Technologies has been hacked and is being used to install malicious software on visitors' computers, say security researchers.
The download section of AvSoft's S-cop website hosts the malicious code, according to Roger Thompson, chief research officer with security vendor AVG. "They let one of their pages get hit by an iFrame injection," he
said. "It shows that anyone can be a victim. ... It's hard to protect web servers properly."
The technique used on the site has been seen in thousands of similar hacks over the past few months. The attackers open an invisible iFrame Window within the victim's browser, which redirects the client to another server. That server, in turn, launches attack code that attempts to install malicious software on the victim's computer.
The malicious software is a variant of the Virut virus family.
[...]