IT company SafeScan reported the detection of the fact of mass hacking more 2000 sites . Of the thousands of legitimate sites , cybercriminals have sources distribution of various malicious software
What do you think? say
According to Mary Landesman, senior security specialist SafeScan, Unlike previous mass attacks on websites, conducted by a malicious code Gumblar, in the current round of attacks exploit to compromise placed directly on the server, which serves a particular site. A few months ago, According to analysts of virus Sophos, the share of this virus around pripadaet 42% of cases of infections. It should be noted that in each case breaking the malicious file was located under a unique name, which in most cases very similar to any actually existing file on a Web server. This trick significantly impeded the discovery of cracking. Script options there is great variety, but often it can be found right around the tag "Body" of compromised document HTML. "After hacking the servers housed poisonous cocktail of malicious code. We do not rule out the possibility that attackers continue to improve methods of attacks by Gumblar, for further difficulty of detection, "- says Landesman. She said earlier Gumblar has already infected thousands of sites that acted as a break after redirector for hacking resources. Now, hackers have started to place malicious code directly on the server, to hasten the process of infecting computers users. "Most break open the sites - which projects a small business who do not bother too much for adequate security for their resources, " - She says. In the current version of the attack people who are not fortunate to attend these sites, do not see anything unusual. However, in the background when you connect PHP-enabled file that checks the version of Adobe Flash or Adobe Reader on computer. If you find a vulnerable version of the software, the program trying to hack it with known exploits. Later hacked PC turns into a backdoor.
News by topic:
Previous and next news :