Chinese Security Site Under New Kind of Attack

SkiifGeek writes "The main site for the Chinese Internet Security Response Team (CISRT) has been serving up infrequent attacks against site visitors through the use of an injected IFRAME tag that attempts to download and install numerous pieces of malicious software. While the source of the attack has yet to be identified, suspicion is that it might be an ARP attack being hosted by the CISRT's hosting provider. Rather than a straight-up infection attempt against all site visitors (as was the case with the Bank of India hack), it is an interesting evolution to see intermittent attack attempts against site visitors."

Re:Strange Choice of Target, eh?

[WindBourne]

Unless of course, the security site is doing it iself. I would not be surprised if they are trying to inject into clients. More importantly, I would guess that it would not attack systems that come from other known security sites.