Loading
-
Single Hack Hacks 200,000 Web Pages
Techtree News Staff, Mar 18, 2008 1635 hrs ISTSecurity major McAfee says that a single attack which has been doing the rounds for a week may have managed to attach itself onto 200,000 Web pages.
Security major McAfee says that a single attack which has been doing the rounds for a week may have managed to attach itself onto 200,000 Web pages.
According to McAfee, most of these infected pages are running the phpBB Bulletin Board software. They've been embedded with a JavaScript file that links to a Web site hosting and transmitting the attack.
McAfee Avert Labs had previously spotted an ASP attack on March 12th. However an ASP attack is different from a phpBB one, as explained by Craig Schmugar, a researcher with McAfee. In ASP attacks, various exploits are used while phpBB attacks rely entirely on social engineering.
In the earlier ASP attack, hackers managed to get under their control nearly 10,000 Web sites where users were redirected through a maze of malware, with the goal of gaining access to their personal information. The hackers scoured the Internet for unsecured servers and planted JavaScript code that redirected users of many Web sites to a Chinese Web site which was sending out malware. The malware meanwhile was designed to use loopholes in Windows, RealPlayer, and other applications to break into the compromised PCs.
However in the latest phpBB attack, infected pages first bring up a pornographic Web site, after which a 'fake codec' social engineering attack is attempted. Users are asked to install the video codec in order to view a movie on the page. In the event, the user downloads the codec, a Trojan installs a malware package on the user's system then delivering a fake error message telling users that the said codec could not be installed. In the meantime, the harm is already done.
Meanwhile, the recent attacks, which have been a hot topic of discussion amongst several programmers, are believed to have been made possible thanks to outdated phpBB quick installs (ipowerweb) on several servers.
According to McAfee, most of these infected pages are running the phpBB Bulletin Board software. They've been embedded with a JavaScript file that links to a Web site hosting and transmitting the attack.
McAfee Avert Labs had previously spotted an ASP attack on March 12th. However an ASP attack is different from a phpBB one, as explained by Craig Schmugar, a researcher with McAfee. In ASP attacks, various exploits are used while phpBB attacks rely entirely on social engineering.
In the earlier ASP attack, hackers managed to get under their control nearly 10,000 Web sites where users were redirected through a maze of malware, with the goal of gaining access to their personal information. The hackers scoured the Internet for unsecured servers and planted JavaScript code that redirected users of many Web sites to a Chinese Web site which was sending out malware. The malware meanwhile was designed to use loopholes in Windows, RealPlayer, and other applications to break into the compromised PCs.
However in the latest phpBB attack, infected pages first bring up a pornographic Web site, after which a 'fake codec' social engineering attack is attempted. Users are asked to install the video codec in order to view a movie on the page. In the event, the user downloads the codec, a Trojan installs a malware package on the user's system then delivering a fake error message telling users that the said codec could not be installed. In the meantime, the harm is already done.
Meanwhile, the recent attacks, which have been a hot topic of discussion amongst several programmers, are believed to have been made possible thanks to outdated phpBB quick installs (ipowerweb) on several servers.
Related Links
Tag keywords
Discussion Board
(1) Comments
Sunny Doiphode
,Mumbai, on Mar 18, 2008 09:12 PM
Report abuse
Opinion Poll
- Which desktop web browser do you use?
-
Internet Explorer
Firefox
Chrome
Safari
Opera
Other (specify in comments)
Poll Results View Previous Polls