Hackers hit 40,000 websites with malicious JS

Hackers have compromised about 40,000 legitimate Websites, infecting them with malicious JavaScript that ultimately redirects users to a malicious site — typo-squatted misspellings of legitimate Google Analytics domains. "The Google Analytics site serves as a statistics keeper, and the Beladen site is used to host the exploits," said Stephan Chenette of Websense Security Labs. "It […]

Hackers have compromised about 40,000 legitimate Websites, infecting them with malicious JavaScript that ultimately redirects users to a malicious site — typo-squatted misspellings of legitimate Google Analytics domains. "The Google Analytics site serves as a statistics keeper, and the Beladen site is used to host the exploits," said Stephan Chenette of Websense Security Labs. "It analyzes the end-user PC and attempts to exploit several different unpatched vulnerabilities … If none of the unpatched vulnerabilities exist, it delivers a popup claiming that the PC is infected in an attempt to trick the user into installing rogue anti-virus software."

More InfoeWeek

About The Author

Deepak Gupta is a IT & Web Consultant. He is the founder and CEO of diTii.com & DIT Technologies, where he's engaged in providing Technology Consultancy, Design and Development of Desktop, Web and Mobile applications using various tools and softwares. Sign-up for the Email for daily updates. Google+ Profile.