Subscribe to Malware Help RSS Feed RSS Feed - Subscribe to Malware Help. Org on Twitter Follow on Twitter - Malware Help YouTube Channel YouTube Channel - Subscribe to Malware Help by Email Subscribe by Email

Hacking: Legitimate sites serving up stealthy attacks

by Shanmuga| Tweet This | Google +1 | Facebook | Stumble It | Reddit | Digg |

malware-help0005-12-jan-08.jpg "Thousands of legitimate Web sites are hosting an infection kit that evades detection by attempting to compromise each visitor only once and using a different file name each time, Web security firm Finjan warned last Monday. The attack, dubbed the "Random JS toolkit" by the security firm, currently uses dozens of hosting servers and more than 10,000 legitimate domains to attempt to exploit the systems of visitors to the sites, the company said in an analysis posted to its Web site.

The compromised sites host the malicious code — foregoing the iframe redirect that has increasingly been used by attackers — and serves up the attack to each visitor only once using a random file name each time. The two techniques, along with more traditional code obfuscation, makes the attack difficult to find, said Yuval Ben-Itzhak, chief technology officer for Finjan. "This attack uses three different methods to go undetected by signature-based or URL-based defenses," Ben-Itzhak said. "If you realize that you’ve been infected, and you go and search sites, you will not be able to find the site that infected you."" – Content courtesy of Legitimate sites serving up stealthy attacks

{ 0 comments… add one now }

Leave a Comment

Previous post:

Next post: