Tweet
August 24th 2009
Posted by Ryan Naraine @ 12:08 pm
Security researchers are raising an alarm for a potent malware cocktail — backdoor Trojans and password stealers — being pushed to Windows users from about 55,000 hacked Web sites.
According to Mary Landesman, a researcher in ScanSafe’s security threat alert team, the cybercriminals have embedded a malicious iFrame into tens of thousands of Websites to fire exploits at unsuspecting PC users who surf to one of the rigged sites.
The iFrame points to an intermediary exploit site which in turn loads additional exploits and malware from up to seven different malware domains, Landesman said.
She ran a Google search of the iFrame script tag and found it embedded on about 54,900 sites, many of them legitimate online destinations.
Victim sites include Free RSS News Widgets and RSS Gadgets - Feedzilla.com, latindiscover.com, and a number of charitable and nursing facilities, including howellcarecenter.com, sweetgrassvillagealf.com, Foods Resource Bank - A Christian response to world hunger., and morningsideassistedliving.com.
At the time of writing this blog post, the number of hacked sites listed in Google results climbed to 56,000.
It is not yet clear which vulnerabilities are being exploited in this attack but, judging from recent history, end users should ensure that operating system and desktop software programs are fully patched.
The most common programs under attack include Adobe Flash, Adobe PDF Reader, Apple’s QuickTime, WinZip and RealPlayer. In addition to Microsoft Windows patches, these desktop applications should be updated to the newest version immediately.
55,000 Web sites hacked to serve up malware cocktail | Zero Day | ZDNet.com
Posted by Ryan Naraine @ 12:08 pm
Security researchers are raising an alarm for a potent malware cocktail — backdoor Trojans and password stealers — being pushed to Windows users from about 55,000 hacked Web sites.
According to Mary Landesman, a researcher in ScanSafe’s security threat alert team, the cybercriminals have embedded a malicious iFrame into tens of thousands of Websites to fire exploits at unsuspecting PC users who surf to one of the rigged sites.
The iFrame points to an intermediary exploit site which in turn loads additional exploits and malware from up to seven different malware domains, Landesman said.
She ran a Google search of the iFrame script tag and found it embedded on about 54,900 sites, many of them legitimate online destinations.
Victim sites include Free RSS News Widgets and RSS Gadgets - Feedzilla.com, latindiscover.com, and a number of charitable and nursing facilities, including howellcarecenter.com, sweetgrassvillagealf.com, Foods Resource Bank - A Christian response to world hunger., and morningsideassistedliving.com.
At the time of writing this blog post, the number of hacked sites listed in Google results climbed to 56,000.
It is not yet clear which vulnerabilities are being exploited in this attack but, judging from recent history, end users should ensure that operating system and desktop software programs are fully patched.
The most common programs under attack include Adobe Flash, Adobe PDF Reader, Apple’s QuickTime, WinZip and RealPlayer. In addition to Microsoft Windows patches, these desktop applications should be updated to the newest version immediately.
55,000 Web sites hacked to serve up malware cocktail | Zero Day | ZDNet.com
Comment