Actu
Websense’ Security Alert about Peugeot
March 2009 by Websense
Websense Security Labs ThreatSeeker Network has discovered that the official Web site of Peugeot in Romania has been compromised and is infecting the machines of site visitors with malicious code. Malicious code has been inserted onto the reported page of the site via iframes. These iframes redirect to the pages of a different host that contains malicious obuscated JavaScript code. This code takes advantage of the MS Snapshot Viewer exploit (CVE-2008-2463), and the Adobe Reader PDF exploit (CVE-2007-5659).
Peugeot is a major French car brand. Its parent company PSA Peugeot Citroën is the second largest carmaker in Europe, behind Volkswagen. Peugeot’s roots go back to pepper, salt, and coffee mill manufacturing in 1842 and later bicycle manufacturing at the end of the 19th century. Its world headquarters are in Paris, Avenue de la Grande Armée, close to Porte Maillot and the Concorde Lafayette Hotel but the Peugeot company and family is originally from Sochaux, France.
Websense ThreatSeeker Network has been tracking how this type of attack is carried out successfully over such reputable Web sites, targeting their peers and other visitors.
Websense Messaging and Websense Web Security customers are protected against this attack.
