Please support our Tech Talk advertiser: Programming Forums
Featured Entry 
Mar 13th, 2008, 11:54 am
Security researchers at McAfee have uncovered one of the biggest attacks of its kind to date, with some 10,000 web pages which had been rigged to entrap unsuspecting visitors.
Although the infected web pages look the same as they always did, under the hood the cyber-crooks had added some redirection JavaScript code to drive them to an invisible attack launched from China-based servers according to McAfee Avert Labs. Upon successful redirection, the exploit will install a password-stealing program on the user's computer.
A variety of web pages were found to have been compromised, including travel, government and hobbyist sites. "Often you hear warnings about not going to un-trusted sites," said Craig Schmugar, threat researcher at McAfee Avert Labs. "That is good advice, but it is not enough. Even sites you know can become compromised. You went to a place before that you trust, but that trust was violated through a vulnerability that was exploited."
Although the infected web pages look the same as they always did, under the hood the cyber-crooks had added some redirection JavaScript code to drive them to an invisible attack launched from China-based servers according to McAfee Avert Labs. Upon successful redirection, the exploit will install a password-stealing program on the user's computer.
A variety of web pages were found to have been compromised, including travel, government and hobbyist sites. "Often you hear warnings about not going to un-trusted sites," said Craig Schmugar, threat researcher at McAfee Avert Labs. "That is good advice, but it is not enough. Even sites you know can become compromised. You went to a place before that you trust, but that trust was violated through a vulnerability that was exploited."
This blog entry was written by Bill Andad, staff writer aka newsguy. It has received 1,058 views, 0 comments, and 4 linkbacks. 4 voters have rated this entry an average of 4.75 out of 5 stars. It was promoted to featured status Mar 13th, 2008.
•
•
•
•
advertising apple botnet browser business copyright crime data development email europe facebook firefox forensic games gaming google hacking hardware ibm internet iphone ipod itunes law legal linux malware microsoft mobile mozilla music news privacy research search security software spam survey technology trojan uk video virus vista web windows yahoo youtube
All Recent Tags Post Comment
•
•
•
•
Only community members can start a blog or comment on blog entries. You must register or log in to contribute.
•
•
•
•
•
•
•
•
DaniWeb Tech Talk Marketplace
Related Blog Entries
- WinDefender 2008 How to Get rid of it (2 Hours Ago)
- Thunder Tables Kill Microsoft 40-bit Encryption (1 Day Ago)
- Apple Leaves Customers Bugging Out! (4 Days Ago)
- T-Mobile loses 17 million customer records (6 Days Ago)
- Who Really Rules The World? (7 Days Ago)
- Apple iTunes Store Closing Bluff Works (9 Days Ago)
- Elvis cloned! (10 Days Ago)
- Moles attack data (10 Days Ago)
- No iTunes required for 2.1 billion mobile music downloads (12 Days Ago)
- States Begin Requiring Encryption of Personal Data (13 Days Ago)
