|
Videos
April 22, 2008 By News Staff
A recent development of the malicious JavaScript injection that compromised thousands of domains at the start of this month is being tracked by Websense Security Labs. The attackers have switched over to a new domain as their hub for hosting the malicious payload in this recent attack. In the last few hours the number of compromised sites has increased by a factor of ten.
When a user browses to a compromised site, the injected JavaScript loads a file named 1.js. The JavaScript code then redirects the user to 1.htm. Once loaded, the file attempts 8 different exploits. The exploits target Microsoft applications, specifically browsers not patched against the VML exploit MS07-004 as well as other applications. Ominously files named McAfee.htm and Yahoo.php are also called by 1.htm but are no longer active at this time.
The number of sites affected is in the hundreds of thousands and include UK government sites and a United Nations Web site. Casualties of the previous attack included various U.S. news Web sites, a major Israeli shopping portal, and numerous travel sites.
You may use or reference this story with attribution and a link to
http://www.govtech.com/security/Mass-JavaScript-Attack-Compromises-UN-UK-Government_Web_Sites.html
Collaborative Justice: Transforming Criminal Justice Services Through Unified Collaboration
Cloud-Based Services Accelerate Public Sector Adoption of Video Collaboration
Daily Govtech News In Your Inbox
Subscribe to Government Technology
Subscribe | View Digital Issue