Irish Stock Exchange Website Compromised

I regularly read the US-CERT (United States - Computer Emergency Readiness Team) website to follow current activity. This morning, there was a warning of an attack that has compromised a large number of legitimate websites. One of the compromised sites generated quite a bit of media attention since it's a security related website. However, I thought it might be interesting to see if any other well known websites had also been compromised.



After a little searching I saw that the Irish Stock Exchange website, www.ise.ie had been a victim of the attack. The Announcement List asp page had been compromised in an attempt to add a link to a malicious Trojan hosted on a different web server. Fortunately, this issue has already been resolved but evidence of the attack against the site is revealed in a google cache search of the announcement page.

How much does a Botnet cost?

It could cost you up to 60 years in prison along with a $1.75 million fine. At least that's the situation facing John Shiefer as reported recently by the Los Angeles Times.

Schiefer is reported to have compromised up to a quarter of a million computers and used them to steal personal financial information from his victims. He will now go down in history as the first person to be accused of running a botnet under the US federal wiretapping law.