Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Cybercrooks rigs thousands of Web pages to hijack PCs.

McAfee : 13 March, 2008  (Company News)
McAfee identifies more than 10,000 Web pages rigged by cybercriminals to hijack PCs of unsuspecting Web surfers, one of the largest attacks to date of this kind.
The Web pages McAfee has identified have all been modified with code that silently redirects visitors to another Web site laden with a malware cocktail that attempts to break into the user's PC. The redirect and the attempted break-ins all happen without the Web surfer being aware that it is happening.

Compromised Web pages include pages on everyday Web sites such as travel sites, government Web sites and hobbyist sites. The attack is as a reminder that even trusted Web sites could be malicious.

'Often you hear warnings about not going to un-trusted sites,' said Craig Schmugar, threat researcher at McAfee Avert Labs. 'That is good advice, but it is not enough. Even sites you know can become compromised. You went to a place before that you trust, but that trust was violated through a vulnerability that was exploited.'

Miscreants likely reprogrammed the Web pages in an automated attack that included scanning the Internet for unsecured servers and subsequently planting a piece of JavaScript code that redirects to a site in China to serve up the malware. The malware cocktail attempts to exploit vulnerabilities in Windows, RealPlayer and other applications to break into the PC.

The malware that is ultimately planted tries to steal passwords to online games. A back door also allows the subsequent installation of additional malicious programs. Cybercrooks have increasingly been targeting online gamers as items in virtual worlds and characters in games have now got monetary value in the physical world.

McAfee Avert Labs first spotted this attack on Wednesday morning, March 12, 2008. Of the 10,000 pages that were compromised a number has already been cleaned up. A single entity is likely behind this attack, since the malicious code on all these pages was served up from the same server in China.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo