Cyber-attack launched from 10,000 web pages

  • Email a Friend
  • Print Page
Cyber-attack launched from 10,000 web pages
Mar 13, 2008 10:21 PM
Tags: cyberattack | launched | 10000 | web | pages

A security firm has identified over 10,000 web pages rigged by cyber-criminals to hijack the PCs of unsuspecting surfers..

The web pages have been modified to silently redirect visitors to sites laden with malware that attempt to break into the user's PC.

McAfee Avert Labs described the assault as "one of the largest attacks to date of this kind".

The redirects and attempted break-ins are all hidden from the unwitting user. Compromised web pages include everyday destinations such as travel, government and hobby sites.

The attack serves as a reminder that even trusted websites can be malicious, McAfee warned.

"Often you hear warnings about not going to untrusted sites," said Craig Schmugar, threat researcher at McAfee Avert Labs.

"That is good advice, but it is not enough. Even sites you know and trust can become compromised."

The reprogrammed web pages are probably victims of an automated attack that included scanning the internet for unsecured servers and planting a piece of JavaScript code that redirects to a site in China to serve up the malware.

The malware cocktail attempts to exploit vulnerabilities in Windows, RealPlayer and other applications to break into the PC. A back door also allows the subsequent installation of additional malicious programs.

McAfee Avert Labs first spotted the attack on 12 March. "Of the 10,000 pages that were compromised a number have already been cleaned up," the firm stated.

"A single entity is likely to be behind this attack, since the malicious code on all these pages came from the same server in China."

Copyright © 2009 v3.co.uk


 
Comments

Be the first to comment on this article.
Thoughts on this article? Add a comment below.
Comment:
Want to participate in the discussion?
Or log in now to comment
 
 
 
Top Stories
TIO website hit by malware
Weekend malware runs one new process per target machine.
 
Microsoft announces Azure launch date
Australia in second wave of country releases.
 
CBA embarks on "database-as-a-service"
Analysis: How the bank intends to save megabucks.
 

Spotlightthe topics we're following

Latest Comments

"Hahahah...What a joke!! "Conroy had said that it was not possible to apply ISP-level filtering ..."
by gerson Feb 9, 2010 10:39 PM
 
"@@Comments, yes, and history keeps repeating itself. Remember the earlier pr-and-media-fuelled ..."
by anonymous Feb 9, 2010 6:40 PM
 
"I would have paid good money to be in court when that clanger dropped. Could you imagine, the ..."
by Private Citizen Feb 9, 2010 6:23 PM
 
"He is not yet listed on NBN Co. website as part of their team of executives (http://www.nbnco.com..."
by Private Citizen Feb 9, 2010 6:07 PM
 
"That would be the list leaked on wikileaks that the minister denied was the ACMA list. The same ..."
by Private Citizen Feb 9, 2010 5:17 PM
1) HTC Magic16 plans 11%
2) Nokia E7149 plans 8%
3) Nokia N9743 plans 2%
4) Apple iPhone 3GS 16GB36 plans 12%
5) Apple iPhone 8GB42 plans 8%
1) iiNet32 plans 5%
2) Netspace36 plans 11%
3) TPG Internet19 plans 14%
4) Optus33 plans 1%
5) Telstra BigPond30 plans 1%

Mobiles | Broadband | Credit Cards

iTnews

Polls

What is the sweet spot for Apple's entry 16GB Wi-Fi iPad?




   |   View results
$549
  78%
 
$579
  10%
 
$619
  4%
 
$649
  3%
 
$699
  5%
TOTAL VOTES: 380

Vote