Transocean oil/gas rig contractor compromised (deepwater.com) - UPDATE: NOW FIXED
Posted by Elad Sharf on 25 August 2011 04:50 PM
Transocean, one of the world's biggest offshore drilling contractors, is currently compromised: its main Web site at deepwater.com is hosting malicious exploit code. Recently, Transocean has been implicated in the Deepwater Horizon oil spill resulting from the explosion of one of its oil rigs in the Gulf of Mexico.
UPDATE: Transocean got in touch with us and we can confirm that the malicious code has now been removed. We appreciate the fast response by the Security team at Transocean.
Websense customers are protected from Web based threats by ACE, our Advanced Classification Engine.
A few pages hosting exploit code have been created on the compromised Web server. Some of these pages are referred to by Iframes through the main page of the site. The pages use the CVE-2011-1255 vulnerability, which affects Microsoft Internet Explorer versions 6 through 8 and was patched on June 14 2011, and also CVE-2010-2884, a vulnerability in Flash Player that was patched on October 5 2010. Virustotal detection for the latter file is at 15%.
You can follow this site category on our AceInsights portal with this link.
Read more »