BrideX worm bites Kaspersky Labs

In a bold move, a group of hackers launched a successful attack on the Web server of Russian computer security firm Kaspersky Labs Ltd. on Friday, managing to implant and distribute a copy of the recently discovered Bridex worm in the company's e-mail newsletter. The successful exploitation of Kaspersky's e-mail list followed what the company described in a statement as a "massive attack" against its Web server on Friday evening, according to Denis Zenkin, head of corporate communications at the Moscow-based company. A statement posted on Kaspersky's Web site said that the attack began on Thursday night, November 7. According to Zenkin, the attackers used a sophisticated and "exotic" attack to compromise the company's Web server and gain access to a folder containing mail messages sent out by the company. From those messages, the attackers were able to obtain the distribution list for the company's e-mail newsletter. A copy of that newsletter was distributed to Kaspersky's customers along with an attached executable file containing the Bridex worm. Zenkin refused to provide details on the attack, citing concerns that other members of the hacker community would use that information to carry out further attacks. Zenkin did disclose that Kaspersky's Web server runs the FreeBSD operating system, a version of UNIX, and the common Postfix e-mail server software. Hackers were not able to gain access to Kaspersky's e-mail address book, nor were they able to penetrate areas of the Web server containing virus signatures for Kaspersky's antivirus software, Zenkin said.