Friday, June 05, 2009

Mass Injection Attack Hits 20,000 Web Sites

Websense Security Labs has detected a mass injection attack affecting 20,000 web sites with malicious JavaScript that hides code redirecting users to a site with active exploits. The attack, uncovered last week, used a domain similar to the legitimate domain for Google Analytics.

In another post this week, Websense Security Labs provided more technical details about what it called the Beladen attack, German for "loaded," because the hacked web site is loaded with exploits.

Basically, the hacked legitimate site contains obfuscated code, does some checks to make sure to verify the referrer to prevent exposure of the code, and then redirects the user's browser to the Beladen web site, chock full of malicious goodies.


Post a Comment

<< Home