Search This Blog

Powered by Blogger.

Blog Archive

Labels

Distributed malware network comprised of thousands of websites

Thousands of websites are being hacked and added to the Distributed malware network , warns Researchers at Sucuri Labs. The sites are being injected with the following iframe:

<iframe src="http://hackedsite.com/stats.php" name="Twitter" ..

"Once inserted, these iFrames can be controlled to distribute the malware of course, but they can also be used to add things like drive-by downloads, and other types of browser-based attacks. Although the exact vector is unknown, the malware has been found across sites with know outdated software, and in some cases known vulnerable versions." The Sucuri blog post reads.

How does a distributed web-based malware network function?
Site-X.com is hacked and a malicious file named stats.php is inserted into it. An iFrame is then added to source code from Site-Y.com/stats.php. Site-Y.com is also compromised, it has a stats.php file added to it, and an iFrame from Site-Z.com/stats.php added. 

"When all is said and done, you have a large network of compromised sites, all linking to each other and all with the same malware."
Share it:

Breaking News

Malware Report