Source: McAfee Avert Labs Blog
McAfee breaks the news of another mass website compromise being used to disseminate malware (similar to this earlier incident), which includes many reputable sites. "More than ten thousand" sites have been maliciously altered to include a Javascript file which triggers a cascade of attempts to install a mixed bag of malware. Frequency X suggests that the compromise vector was a combination of IIS+ASP+SQL.
Friday, 14 March 2008
Subscribe to:
Post Comments (Atom)
1 comments:
STAT Blog says that the threat has been overstated. The number of affected sites is much lower than reported, and most of the compromises are broken and ineffective.
Post a Comment