UK Government Website Hacked And Infected
A Welsh government Web site has been hacked to serve up malicious JavaScript, a sign that the spate of attacks first spotted last month are continuing, analysts from security vendor Sophos warned Friday.
The method of attack is similar to one that recently victimized pages within Trend Micro’s Web site. Trend Micro’s Web site was one of up to 20,000 sites discovered in mid-March where hackers found a weakness in the server’s security that allowed them to implant malicious JavaScript.
If a user visits an infected page, the JavaScript initiates a download of malicious code from another server. Sophos named the attack Troj/Badsrc-A.
In this case, the server that is hosting the malicious code is down. The reason might be an exceeded bandwidth due to a high number of downloads of malicious code, which would indicate that many people could be infected.
The Welsh site is one of hundreds of sites that Sophos has tagged as infected. The vendor chose to publicize its findings on the Welsh site to make a point about how seemingly legitimate sites are being affected by this latest round of attacks.
More on CyberInsecure:
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.