The North American network revealed that etix.cbs.com was compromised as a result of malicious activity. Cybercriminals added a malicious obfuscated script to the infected page which added a malicious IFrame to the page.
The injected IFrame automatically loads another malicious script from a remote server controlled by criminals in Russia, causing a possible installation of malware on the unsuspecting client machine. Finjan reported that actions had already been taken to turn the particular Russian server offline.
Finjan CTO Yuval Ben-Itzhak said: “This saga confirms our many previous warnings that obfuscated code posing a serious threat to internet users' PCs. Our threat reports have continued to identify the increasing use of code obfuscation as a means of bypassing traditional signature-based solutions in order to propagate malware.
“This saga illustrates the popularity of malicious obfuscated code as a weapon of choice by criminal hackers. It also highlights the fact that no web portal, no matter how high ranking, can be totally secure against a system hack and consequent infection of its visitors. Web users need to exercise caution at all times.”
See original article on SC Magazine US
_(33).jpg&h=140&w=231&c=1&s=0)
Cyber Resilience Summit
iTnews Executive Retreat - Security Leaders Edition
Huntress + Eftsure Virtual Event -Fighting A New Frontier of Cyber-Fraud: How Leaders Can Work Together
iTnews Cloud Covered Breakfast Summit
Live & Hands On Demo: Navigating the BMC AMI DevX Platform to Understand Code Faster Using AI
.jpg&h=271&w=480&c=1&s=1)
_(1).jpg&h=140&w=231&c=1&s=0)
