New web-based malware attack hits internet

Graham Cluley, senior technology consultant at Sophos, claimed that JSRedir-R is now responsible for 42 per cent of all malicious infections on the web, and during the last seven days almost half of all malicious infections found on websites were caused by Troj/JSRedir-R.

Meanwhile, Mal/Iframe-F, which has been the most widespread web-based threat for more than a year, accounted for just seven per cent of infections this week. Overall, Sophos claimed that it is seeing one new infected webpage every 4.5 seconds - three times more than in 2007.

Cluley said: “No one should be in any doubt that the web is still the main vector of attack for cybercriminals, and this new threat suggests this situation isn't going to change anytime soon.

“The problem is that too many computer users still think there's no danger in surfing the web, but with legitimate sites often falling victim to these attacks, it's time to wake up. Hackers won't stop targeting the web as it's proving a successful way for them to spread their infections. To combat this, it's essential to scan every website for malicious code before visiting it.”

JSRedir-R has been found on high traffic legitimate websites where it loads malicious content from third-party sites including Gumblar.cn without users' knowledge. The malware can then be used to steal sensitive information for financial gain, to commit identity theft, or to meddle with search engine results.

 

Meanwhile Mary Landesman, senior security researcher at ScanSafe, claimed that the amount of compromises caused by Gumblar has now risen by 188 per cent. Landesman claimed that compromises had risen by 61 per cent since the last count.


See original article on scmagazineuk.com