CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
May 16th, 2011

Geek.com Compromised, Visitors Infected With Malware

Security researchers from cloud security provider Zscaler warn that technology website geek.com was compromised and many of its pages are executing drive-by download attacks against visitors. Geek.com is one of the oldest technology news websites around, dating back to 1996, the dawn of the commercial World Wide Web.

Attackers have managed to inject rogue IFrames into different portions of the site, both within articles and the site’s main pages like home, about us, etc. According to Umesh Wanve, a senior security research engineer at Zscaler, there are multiple infections and the iframes take visitors to different malicious websites.

One example is the rogue code injected into a May 13 article about Call of Duty: Modern Warfare 3 details being leaked, which redirects visitors to an exploit kit. These kits perform various checks to determine what versions of certain program users have installed on their computers and then serve exploits for vulnerabilities in those products.

The most commonly used applications like Java Runtime Environment, Flash Player, Adobe Reader or the browser itself are usually targeted. “As this is first article is highlighted and ‘Call of Duty’ is a very popular game, one can assume that many people have fallen victim to this attack,” Mr. Wanve says.

Drive-by download attacks are currently one of the main malware distribution channels on the Internet. They are very dangerous because in most cases they are completely transparent to victims. “Unfortunately, we see hundreds of attacks such as this each and every day. Many legitimate websites are being compromised by taking advantages of poor coding practices in web applications,” the Zscaler security researcher says.

Users can protect themselves by keeping all of they software up to date, including the operating system itself, and running anti-virus products capable of scanning web traffic. Mozilla Firefox users can also use advanced extensions such as NoScript.

Credit: Softpedia.com News

Share this item with others:

More on CyberInsecure:
  • Thousands Of High-Ranked Webpages Infected With Malware, Including Intljobs.org, WSJ.com, tomtom.com.tw
  • Compromised Twitter Accounts Spread Links to Malware Downloads
  • CBS.com Subdomain Compromised, Installing Malware On Visitors PC’s
  • MLB.com Major League Baseball Website Infected Visitors Through Ads
  • Mass Web Infections Spike To 6 Million Pages In 640,000 Sites

    • Posted in Breaches And Incidents, Hacked, Malware | Print This Post Print This Post

    This entry was posted on Monday, May 16th, 2011 at 3:56 pm and is filed under Breaches And Incidents, Hacked, Malware. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Geek.com Compromised, Visitors Infected With Malware

    One Response to “Geek.com Compromised, Visitors Infected With Malware”

    1. N4G Says:
      March 16th, 2012 at 4:51 am

      A new version of a well-known family of Mac malware exploits vulnerabilities in Java to steal usernames and passwords for online payment, banking, and credit card websites.

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « «
    » »