Websense’ Security Alert
June 2009 by Websense
Websense® Security Labs ThreatSeeker Network has discovered that the official Web site of the Ministry of Water Resources in China has been compromised, and is infecting site visitors with malicious code. A malicious hacker has uploaded a fake online game folder, where a fake login page then leads unsuspecting victims to a Tencent QQ ActiveX control exploit (VQQPlayer.ocx).
The Ministry of Water Resources of the People’s Republic of China is the department of the State Council that is responsible for water administration. This department has responsibility for the formulation of water-related policies, development strategies, and medium and long-term development plans, including water conservation and demand management policies. It is one of the most important ministries in China.
Websense® Messaging and Websense Web Security customers are protected against this attack.