Join the Community

22,188
Expert opinions
44,252
Total members
405
New members (last 30 days)
212
New opinions (last 30 days)
28,727
Total comments

Thousands of web sites have mystery malware exploit

Interesting item covered by The Register about a huge number of web sites apparently serving up malware. And as yet no one has worked out how they were compromised.

This is a really sneaky exploit - when a user requests the home page from the site, a reference to a local javascript file is included dynamically in the page. The name of the file changes randomly and the file only exists while the user is accessing the page. So it doesn't persist and can't be spotted by admins. The javascript contains multiple exploits to attempt to install a backdoor to your system.

No one has yet worked out how these servers were compromised in the first place. Most of them are running Apache on Unix/Linux - so what sets these apart from the many tens of thousands of hosting servers running the same stuff?

Earlier in the week the estimate was around 10,000 infected sites.

You can read the full story at Scansafe and The Register.

Be careful out there. 

External

This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

Join the Community

22,188
Expert opinions
44,252
Total members
405
New members (last 30 days)
212
New opinions (last 30 days)
28,727
Total comments

Trending

Boris Bialek

Boris Bialek Vice President and Field CTO, Industry Solutions at MongoDB

Enhancing Digital Banking Experiences with AI

Barley Laing

Barley Laing UK Managing Director at Melissa

Reducing the impact of AI-driven fraud in 2025

Now Hiring