Hackers Jack Sites...Nah!!! Really???
May 2008
Hackers jack thousands of sites, including UN domains. Large numbers of legitimate Web sites, including government sites in the U.K. and some operated by the United Nations (UN), have been hacked and are serving up malware, a security researcher said today as massive java_script attacks last detected in March resume. “They’re using the same techniques as last month, of an SQL injection of some sort,” said the vice president of security research at Websense Inc., referring to large-scale attacks that have plagued the Internet since January. Among the sites hacked were several affiliated with either the UN or U.K. government agencies. The exact number of sites that have been compromised is unknown. He estimated that it is similar to the March attacks, which at their height infected more than 100,000 URLs, including prominent domains such as MSNBC.com. “The attackers have now switched over to a new domain as their hub for hosting the malicious payload in this attack,” Websense said in an alert posted yesterday to its Web site. “We have no doubt that the two attacks are related.” Although the malware-hosting domain has changed, it is located at a Chinese IP address, just like the one used in March, he said. “It also looks like they’re using just the one [hosting] site, but changing the link within the java_script,” he added, talking about an obfuscation tactic that the attackers have used before.
Hackers jack thousands of sites, including UN domains. Large numbers of legitimate Web sites, including government sites in the U.K. and some operated by the United Nations (UN), have been hacked and are serving up malware, a security researcher said today as massive java_script attacks last detected in March resume. “They’re using the same techniques as last month, of an SQL injection of some sort,” said the vice president of security research at Websense Inc., referring to large-scale attacks that have plagued the Internet since January. Among the sites hacked were several affiliated with either the UN or U.K. government agencies. The exact number of sites that have been compromised is unknown. He estimated that it is similar to the March attacks, which at their height infected more than 100,000 URLs, including prominent domains such as MSNBC.com. “The attackers have now switched over to a new domain as their hub for hosting the malicious payload in this attack,” Websense said in an alert posted yesterday to its Web site. “We have no doubt that the two attacks are related.” Although the malware-hosting domain has changed, it is located at a Chinese IP address, just like the one used in March, he said. “It also looks like they’re using just the one [hosting] site, but changing the link within the java_script,” he added, talking about an obfuscation tactic that the attackers have used before.
posted by arkietechs at 8:30 AM
0 Comments:
Post a Comment
<< Home