Tech News

TeamSpeak server hijacked to send Malware

By Steve Ragan Apr 16, 2007, 9:20 GMT

The popular gaming communications platform, TeamSpeak, was the victim of a SQL Injection attack over the weekend. This attack resulted in Spam sent to users, which contained Malware. The Malware located in the file named ‘patch.exe’ is reported by several Anti-Virus vendors to be suspect in nature, or a member of the LdPinch Trojan family. The email headers for the rouge message detail where the exploit originated. Looking at the X-Mailer line you can see the source of the problem.---
X-Priority: 3
X-Mailer: vBulletin Mail via PHP
Date: Sat, 14 Apr 2007 21:12:57 +0200
---The email, form the address noreply [at] goteamspeak.com, offered some advice to TeamSpeak users, “Now you can download new Team Speak patch. It will help you to use our Team Speak servers. We advise you to download it now.” The file was hosted on the TeamSpeak servers for several hours according to forum posts, which allowed for an unknown number of downloads.The exploit centers on the websites forum software vBulletin. The attack uses SQL Injection code released by a person known only as “SekoMirza” online. The code attacks vBulletin version 3.6.5 or earlier, the same version used on the TeamSpeak forums. TeamSpeak addressed the issue, by removing the file and for a short time Saturday, it appeared as though they took down the forum for maintenance.“If you participate in our forums, you may have recently received an email asking you to download a patch.exe file. Please do not download or execute this file. Recently a security exploit on our website allowed an intruder to send a mass-email to all registered forums users, informing them of a supposed patch for TeamSpeak. The email was malicious in nature. We have been working around the clock to address this issue and as of this moment it is now resolved. Please keep in mind we take these matters very seriously and are always doing everything we possibly can to ensure that your visit to our website is safe and secure,” they announced on their website.Anti-Virus coverage for the malicious attachment was strong and many caught the potential infection almost instantly.

On the Web

Blowing Up Blogs

Place your ad here
Loading...

Your Talkback on this Story

Latest Headlines in Tech

Older Talkback

Like M&C on Facebook

Custom Search

Viral Web

In Monsters and Critics

: Arts; Books; DVD; Gaming; Lifestyle; Movies; Music; News; People; Science & Nature; Sport; TV; Archives
Other Languages and Sites: Deutschland (Monsters and Critics); The Tech Herald; Free Games Herald; XPRNC; Deutschland (Der Technikbote); Deutschland (Bellalu)

Entertainment: Arts; Books; DVD; Gaming; Movies; Music; People; Soundtracks; TV
Media: Celebrity Photos; Movie Pictures; Movie Trailers; Movie Posters; Theatre Stills
Released this week: Movies - USA; Movies - UK; DVD - USA
Distractions: Online Games; Daily Crossword; Sudoku Classic; Daily Jigsaw

World News: US; UK; Americas; Europe; Middle East; Asia Pacific; South Asia; Africa; Business; Education; Health
Science and Tech: Science and Nature; Technology
Lifestyle: Autos; Fashion; Life; Travel

Corporate

: About; Advertise; Contact; The Team; Vacancies; Privacy; RSS; Site Map; Terms; Webmasters

The Fine Print

© 2003 - 2012 by Monsters and Critics.com, WotR Ltd. All Rights Reserved. All photos are copyright their respective owners and are used under license or with permission. * Note M&C cannot be held responsible for the content on other Web Sites.

Servers supplied by Servint