Drive-by download attack compromises 500K websites - Tech & Computer Forums

Go Back   Tech & Computer Forums > Computer Software > Viruses, Spyware and Malware
Closed Thread
 
Thread Tools Display Modes
 
Old 05-13-2008, 11:39 AM   #1 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,815
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default Drive-by download attack compromises 500K websites

More than half a million web pages have been compromised with malware as part of a new attack, Trend Micro warns.
Badly configured PHP bulletin board applications are being used to plant malicious JavaScript on web forums. The JavaScript is used to push variants of the Zlob Trojan that come disguised as a video codec installer.

The Trojans change DNS and browser settings on infected PCs leaving them open to further attack. Many of the compromised forums were already used to spamvertise knock-down drugs and smut sites. In the UK most of the infected websites belong to small- to medium-size firms whose weak security controls have left the door open to hackers.
The malware is served up from systems based in the US and Russia. Trend reckons the latest attack bears the same hallmarks as previous attacks by a Russian and Ukrainian gang punting the Zlob Trojan. Trend has more on the attack in a blog posting here.
Cybercrooks are increasingly looking toward planting malicious script onto regular sites rather than attempts to trick users into visiting obviously dodgy sites touting warez and porn. Fake media codecs are becoming a favourite vector for spreading spyware and Trojans.
Last week McAfee warned that hundreds of thousands of samples of new Trojan that poses as a media file had flooded onto P2P networks. The booby-trapped files in that case and the Zlob-infected media codecs in the latest case both turn infected machines into zombie clients under the control of hackers.
In both cases the scale of the attack rather than the technology in play, which has been around for months, is what's noteworthy.

Drive-by download attack compromises 500K websites | Channel Register
__________________
Osiris is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Hard drive randomly disappearing Gooms9 Hardware Repairs and Troubleshooting 11 05-18-2007 07:19 PM
Hard Drive Question Parky-RFC Hardware Repairs and Troubleshooting 7 04-28-2007 08:49 PM
Hard Drive Image question carnageX Hardware Repairs and Troubleshooting 26 04-13-2007 07:02 PM
Help a newb: simple issue with hard drive copying? AppleBag Hardware Repairs and Troubleshooting 1 04-12-2007 12:21 PM


All times are GMT -5. The time now is 12:16 PM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
Content Relevant URLs by vBSEO