Peaches Posted June 3, 2009 Report Share Posted June 3, 2009 June 2009, 12:20Tens of thousands of web sites fall victim to a mass hack attack "Websense, a security services provider, says it has observed mass hack attacks in which criminals embed their own JavaScript on web sites. Apparently, visitors to those sites are diverted to a domain bearing a name such as google-analytics.com, where a server attempts to infect their PCs with exploits for Internet Explorer, Firefox and QuickTime. The server is reportedly located in the Ukraine. Websense says the recognition rate for the malware is still relatively low and, up to now, more than twenty thousand legitimate web sites have been manipulated.It isn't clear yet how the criminals managed to slip their code into the sites. They probably used SQL injection vulnerabilities in web applications held on the servers, or intercepted FTP access data. Administrators can recognise an infection of their web sites by its heavily obfuscated JavaScript code, an impression of which is given in the original Websense report."Heise security for full details - http://www.h-online.com/security/Tens-of-t...k--/news/113442 Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.