Karen Swim

Writer, Marketer, Woman of Purpose

55,000 Web sites hacked to serve up malware cocktail | Zero Day | ZDNet.com

August 24th, 2009

55,000 Web sites hacked to serve up malware cocktail

Posted by Ryan Naraine @ 12:08 pm

Categories: Adobe, Anti Virus, Arbitrary Code Execution, Botnets, Browsers, Complex Attacks, Data theft, Exploit code, Flash, Hackers, Locally Running Web Servers, Malware, Passwords, Viruses and Worms, Vulnerability research

Tags: Web, Malware, Web Site, Spyware, Adware & Malware, Cyberthreats, Viruses And Worms, Security, Ryan Naraine

Security researchers are raising an alarm for a potent malware cocktail — backdoor Trojans and password stealers — being pushed to Windows users from about 55,000 hacked Web sites.

According to Mary Landesman, a researcher in ScanSafe’s security threat alert team, the cybercriminals have embedded a malicious iFrame into tens of thousands of Websites to fire exploits at unsuspecting PC users who surf to one of the rigged sites.

The iFrame points to an intermediary exploit site which in turn loads additional exploits and malware from up to seven different malware domains, Landesman said.

She ran a Google search of the iFrame script tag and found it embedded on about 54,900 sites, many  of them legitimate online destinations.

Victim sites include www.feedzilla.com, latindiscover.com, and a number of charitable and nursing facilities, including howellcarecenter.com, sweetgrassvillagealf.com, www.foodsresourcebank.org, and morningsideassistedliving.com.

At the time of writing this blog post, the number of hacked sites listed in Google results climbed to 56,000.

It is not yet clear which vulnerabilities are being exploited in this attack but, judging from recent history, end users should ensure that operating system and desktop software programs are fully patched.

The most common programs under attack include Adobe Flash, Adobe PDF Reader, Apple’s QuickTime, WinZip and RealPlayer.  In addition to Microsoft Windows patches, these desktop applications should be updated to the newest version immediately.

Ryan NaraineRyan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan’s full profile and disclosure of his industry affiliations.

Email Ryan Naraine

For daily updates on Ryan’s activities, follow him on Twitter.

Subscribe to Zero Day via Email alerts or RSS.

If you missed reading this on Monday, it’s well worth the read so that you can take steps to shore up your online security.

Posted via web from Marketing, Musings and More from Karen Swim

Advertisements

August 27, 2009 - Posted by | Uncategorized

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: