U.S. media sites compromised, lead to malware
Posted on 07.05.2013
At least five U.S. media sites and a number of other popular ones have been compromised and are redirecting visitors to malicious URLs, Zscaler warns.

The sites have been injected with obfuscated JavaScript that contains an iFrame that redirects users to one of several sites serving the ZeroAccess Trojan and fake AVs.

The compromised sites include those belonging to Washington-based WTOP Radio and Federal News Radio, The Christian Post, Real Clear Science, Real Clear Policy, a popular online scuba diving forum, a picture aggregator site, and others. Zscaler researchers theorize that they probably have a common backend platform.

"Attacks targeting end users generally involve some form of social engineering whereby the potential victim must be convinced to visit a site, download a file, etc. Attackers will therefore write a script designed to comb the web looking for popular sites exposing a common flaw and when identified, inject a single line of malicious code into the sites," they explained. "In that way, any user visiting the otherwise legitimate (but now infected) site, can become a victim."

This particular mass compromise is targeting only Internet Explorer users, probably because the attackers are using exploits only for that particular software. Users who surf to the sites using any other browser don't trigger the redirection chain.

According to Zscaler, the sites were still compromised yesterday.









Spotlight

Infographic: 25 years of the firewall

Posted on 24 July 2014.  |  The firewall turned 25, and McAfee is celebrating with an infographic that creatively depicts its lifetime. If you take a moment to scan the infographic, you’ll notice the firewall's introduction and evolution coincide with certain security events.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Jul 25th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //