funsec mailing list archives
'Legit' website compromises reach epidemic proportions
From: "Richard M. Smith" <rms () computerbytesman com>
Date: Thu, 5 Jun 2008 09:13:23 -0400
http://www.channelregister.co.uk/2008/06/05/scansafe_web_malware_survey/ Once upon a time surfers could stay unmolested by malware by staying away from warez and smut. Those days are well and truly over as changes in hacking tactics mean that compromised content on legitimate website has become the main conduit for so-called drive-by download attacks. Web security firm ScanSafe reports that two in three instances of web-based malware (68 per cent) it blocked last month came from legitimate sites. ScanSafe blames the increase on attacks that have planted malicious scripts, often exploiting iFrame web browser vulnerabilities, on pukka websites. Hacked sites are commonly used to deliver password-stealing Trojans and other strains of malware onto compromised PCs. For example, ScanSafe reported earlier this week that some pages on the Wal-Mart website were compromised in the latest phase of an ongoing series of SQL injection attacks. The attack was used to plant exploits of recent Flash vulnerabilities onto Wal-Mart's site. High-profile victims of malware attacks in May alone included Nature.com, Foofighterslive.com, Acer.co.th, Webster.edu and Photopass.com. Large-scale SQL Injection attacks started around six months ago in October 2007 and are affecting mom and pop website operations as well as household names. Attacks based on stolen FTP are also playing a significant (albeit secondary) role, according to ScanSafe. ...
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- 'Legit' website compromises reach epidemic proportions Richard M. Smith (Jun 05)