On the heels of recent iframe attacks, we're currently tracking another mass compromise. This attack involves injection of script into valid web page to include a reference to a malicious .JS file (sometimes in the BODY, other times in the TITLE section). The .JS file uses script to write an IFRAME, which loads an HTML file that attempts to exploit several vulnerabilities, including:
* MS06-014 * RealPlayer (ActiveX Control) * Baofeng Storm (ActiveX Control) * Xunlei Thunder DapPlayer (ActiveX Control) * Ourgame GLWorld GlobalLink Chat (ActiveX Control)
Avert Labs says its initial look shows more than 10,000 web pages have been compromised so far, and that "analysis is ongoing."
Also Wednesday, CA reported a new threat that it is classifying as a "high" threat: Dialer.Saristar, as well as a couple of other threats, including one which it is saying is "critical."
Pardon this blog item being cut short, but there are a firewall and some AV applications around here that may need double-checking.
Update, 7:36 p.m. ET - McAfee Avert Labs has updated its information, and provided a video showing what happens on the end-user's side after one of these attacks has left its malware.
- How Windows 8 Beta Could Underwhelm Us
- Three New Features For Business We Want In iPad 3
- How Meg Whitman Can Save WebOS
- 'Extra-PC Era' Describes It Better
- LibreOffice’s Bold Course for the Tablet
- Leaving Your iPhone In The Back Of A Cab
- Analysis: Ubuntu's 'Open for Business' Sign To Developers
- Firefox Memory Leaks Once Again Causing Frustrations
- Microsoft’s Windows 8 To Do List Short, But Serious
- The Door Cracks Open for the BlackBerry PlayBook
- Today’s Daily App: Maven Web Browser for iPad
- Will Ubuntu Again Benefit From Industry Turmoil?
- Samsung Takes Swipe At Google With Its Windows 7 Slate
- Intel Inside Android, via McAfee Security
- Why Michael Dell Is Right About PCs, And HP Could Be Wrong
- Why 2011 Is The Year Of Open Source
- What If They Had A Tablet Price War And Nobody Came?
- Why Google Needs to Get a Grip on Security
- Google Puts the Blocks Up With Personal Blocklist
- Is Salesforce.com’s Chatter Just More Noise?
| • |
| • |
| • |
| • |
| • |
| • |
| • |
|
|
