Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec

SecureBrowsing detects increased levels of compromised web sites

Finjan Software : 17 July, 2008  (Technical Article)
Increase in activity of web site hackers results in significant intrusion of internet sites in government and healthcare organisations
Finjan has announced that its SecureBrowsing in-the-cloud security tool detected over 1,000 unique website domains that were compromised by a new round of mass Web attacks that started during July 2008.

The attack toolkit being used by the attackers is aliased "Asprox", and has been around for some years gaining cybercrime popularity during 2007. This attack toolkit is designed to first search Google for webpages with the file extension [.asp]. Once found, it launches SQL injection attacks to append a reference to the malware file using the iframe tag, which makes it a highly efficient Crimeware tool.
Each of the compromised domains included a reference to a malware that was served by over 140 different domains across the Internet.

"Since the list of these malware serving domains increases every day, we believe this is just the tip of the iceberg for the scope and impact of this attack," said Yuval Ben-Itzhak, CTO of Finjan. "Among the compromised websites we found were those of respectable organizations, governmental institutes, healthcare organizations as well as high-ranked websites. It shows again the resourcefulness and flexibility of cybercriminals. It requires proactive security solutions to safeguard organizations against these kinds of mass Web attacks."

Finjan's research indicates that the malicious code is still being served by most of the websites and the "Asprox" toolkit is still in use at July 13, 2008.

Finjan's findings contain examples of compromised websites of organizations and businesses in the following categories: Shopping/Lifestyle (15%); Computing and Internet (15%); Government (13%); Healthcare (12%); Advertisement (13%) and others (32%).

The compromised websites were detected using Finjan's patented active real-time code inspection technology.
The findings are described in Finjan's latest research blog published today.

Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo