New Attack Infects More than 100,000 Sites

Paul Lilly

As if there weren't already enough infected websites floating around in cyberspace, security researchers are warning of a new mass injection attack that has already compromised more than 130,000 Internet destinations since the attacks first began in late November.

Researchers say the nasty code is a rogue IFrame being used to exploit visitors and inject their PCs with a banking trojan.

"The injected IFrame loads the first stage of malicious content from A series of IFrames and code redirections (invisible to the user) then ensues, culminating in a rather curious methoed for managing the final payload," explains mary Landesman, serior security researcher at Web security company ScanSafe, now part of Cisco.

Landesman says the redirects are used to determine the potential victim's web browser, Flash Player version, and other details. Using that information, only exploits relevant to that person's setup are used.

Image Credit:

Around the web