Single-line attack infects thousands of Web sites

Thousands of Web sites have fallen victim to an attack using just one line of code that maliciously re-directs browsers via Javascript to servers that are hosting a variety of drive-by exploits. Multiple browsers and operating systems are affected by this code if not correctly patched. Once installed, the new software can then be used […]

Thousands of Web sites have fallen victim to an attack using just one line of code that maliciously re-directs browsers via Javascript to servers that are hosting a variety of drive-by exploits. Multiple browsers and operating systems are affected by this code if not correctly patched.

Once installed, the new software can then be used to steal personal information or enlist a compromised machine in attacks on other machines. According to security vendor Websense, the attack now affects over 10,000 Web sites worldwide and that list continues to grow. According to Trend Micro, servers hosting some of the malicious code have been traced to Chicago, the San Francisco Bay Area, and Hong Kong.

The attack, dubbed Mpack, uses cross-site scripting to place malicious iFrames on legitimate Web sites. Iframes are used by Web designers to open additional windows (often hosted on other sites) within a main Web page; iframes can also be used by criminal hackers to redirect browsers to malicious-code sites. Trend Micro believes this latest attack was automated. Websense reports that the server where users are re-directed includes a counter that shows large numbers of visitors from Italy, Spain, and the United States.

Full post

Internet, Web sites, Security, Attack, Threats, Malicious code, Javascript, Web Browsers