Dr. Web found an unknown virus on the Russian portal of public services

The developer version.Web found on the Russian portal of public services unknown virus, which can infect the computers of site visitors, reported July 13, the press service of Dr. Web.

The virus causes the browser of any visitor of the website gosuslugi.ru discreetly contact one of at least 15 domain names that are registered to an unknown private person. «In response from those domains can enter any independent document from a fake data entry form credit cards and ending with the bust of a set of vulnerabilities to get access to the computer of the visitor of a site», – the developers of antivirus.

After the user visited the portal of public services, to the website’s code is added to the container iframe, which allows you to download or request any third-party data from the user’s browser.

Set the start date of infection of the portal is not yet possible, says Dr. Web. Also antivirus developer acknowledges that the data from these domains could not be obtained, because most of them expired security certificate or it does not contain malicious code. In this case, indicate in Dr.Web, nothing prevents the owners of these domains renew certificates at any time and place malicious code.

On the evening of 13 July, the administration of the website services commented in a Twitter message that the site is compromised. It was called «minor» discovered by Dr. Web threat.

Good afternoon. The potential threat is negligible, at the moment eliminated in the near future will be closed.

— Portal (@EPGU) July 13, 2017

Dr. Web found an unknown virus on the Russian portal of public services 14.07.2017

Июль 14th, 2017 by
36 queries