10,000 booby trapped web pages revealed
Please support our Hardware and Software advertiser: Programming Forums
Mar 13th, 2008, 11:54 am
Security researchers at McAfee have uncovered one of the biggest attacks of its kind to date, with some 10,000 web pages which had been rigged to entrap unsuspecting visitors.
Although the infected web pages look the same as they always did, under the hood the cyber-crooks had added some redirection JavaScript code to drive them to an invisible attack launched from China-based servers according to McAfee Avert Labs. Upon successful redirection, the exploit will install a password-stealing program on the user's computer.
A variety of web pages were found to have been compromised, including travel, government and hobbyist sites. "Often you hear warnings about not going to un-trusted sites," said Craig Schmugar, threat researcher at McAfee Avert Labs. "That is good advice, but it is not enough. Even sites you know can become compromised. You went to a place before that you trust, but that trust was violated through a vulnerability that was exploited."
Although the infected web pages look the same as they always did, under the hood the cyber-crooks had added some redirection JavaScript code to drive them to an invisible attack launched from China-based servers according to McAfee Avert Labs. Upon successful redirection, the exploit will install a password-stealing program on the user's computer.
A variety of web pages were found to have been compromised, including travel, government and hobbyist sites. "Often you hear warnings about not going to un-trusted sites," said Craig Schmugar, threat researcher at McAfee Avert Labs. "That is good advice, but it is not enough. Even sites you know can become compromised. You went to a place before that you trust, but that trust was violated through a vulnerability that was exploited."
•
•
•
•
This blog entry was written by Bill Andad, staff writer aka newsguy. It has been filed under the Hardware and Software category. It has received 1,484 views, 0 comment(s), and 4 linkbacks. It was promoted to featured news status Mar 13th, 2008.
Related Blog Entries
- Hotz does it again, iPhone 3GS is jailbroken!!! (16 Hours Ago)
- Yahoo Announces 'Green' Data Center Powered by Niagara Falls (1 Day Ago)
- Neverland is Your Virtual Linux Playground (1 Day Ago)
- Pink iPhone 3GS is hot stuff (1 Day Ago)
- Sarah Palin Hacked Off (2 Days Ago)
Related Forum Threads
- Greatest threat to world peace (Geeks' Lounge)
- What anti-spy/antivirus/security combination? (Viruses, Spyware and other Nasties)
- Random Web Site Redirects (Viruses, Spyware and other Nasties)
- w32\alemod.e.dll removal - help! (Viruses, Spyware and other Nasties)
- Securely Allow users to add to Database (PHP)
- How to remove cool web search (Viruses, Spyware and other Nasties)
- IE has encountered an error and must close (Web Browsers)
- Suggestions for my web hosting news site? (Growing an Online Community)