Global leaders are coming to Zenith Live. Are you? Learn More
Global leaders are coming to Zenith Live. Are you?
Learn More

China’s NCGA Government Site Infected With Hidden Malicious Iframe

By: ThreatLabz

Compromise

China’s NCGA Government Site Infected With Hidden Malicious Iframe

Today, we discovered that NingBo SME Credit Guarantee Association (NCGA), a Chinese government web site, is infected with a malicious hidden IFRAME. Of the infected page, is one where member registration is required. Here is the infected webpage:

 

 

The iframe is injected at the bottom of the webpage (hxxp://nbdb.nbsme.gov.cn/reg.asp). and the following is a screenshot of the infected iframe:

The malicious iframe when decoded points to additional JavaScript. Here is the decoded script,

 

Currently, above mentioned malicious site is down.

Be Safe.

Umesh

 

 




Suggested Blogs