Vincenzo Di Russo's [MVP IE] Blog


enzodirusso


--------------------------------------------

--------------------------------------------

--------------------------------------------

Ora e Data
Calendario
dicembre 2017
lmmgvsd
27282930123
45678910
11121314151617
18192021222324
25262728293031
1234567

Compromised Websites Hosting Malicious JavaScript.



Compromised Websites Hosting Malicious JavaScript
added April 25, 2008 at 04:45 pm
"... US-CERT is following reports of SQL injection attacks that have compromised a large number of legitimate websites. The compromised websites contain injected JavaScript that attempts to exploit multiple, known vulnerabilities. Users who visit a compromised website may unknowingly execute malicious code..."

Centinaia di migliaia di siti web legittimi compromessi da un'infezione SQL injection (JavaScript maligni che vengono eseguiti automaticamente sul computer del visitatore).

SANS Internet Storm Center: Hundreds of thousands of SQL injections
"... Hundreds of thousands of SQL injections UPDATE.
It is recommend that you block access to hxxp:/www.nihaorr1.com and the IP it resolves to 219DOT153DOT46DOT28 at the edge or border of your network.
1.js is the file they are currently injecting. That could change and has been injected into thousands of legitimate websites. Visitors to this website are “treated” to 8 different exploits for many windows based applications including AIM, RealPlayer, and iTunes.
DO NOT visit sites that link to this site as you are very likely to get infected.
Trendmicro named the malware toj_agent.KAQ it watches for passwords and passes them back to contoller’s ip..."

MSRC blog (http://blogs.technet.com/msrc): Questions about Web Server Attacks

Messaggi collegati


-----------------------------------------------

-----------------------------------------------

-----------------------------------------------

Mappa
Copyright © 2002-2007 - Blogs 2.0
dotNetHell.it | Home Page Blogs
ASP.NET 2.0 Windows 2003