Viruses/Worms News

'Beladen' web attack has infected 40,000 websites

Tuesday, June 2, 2009

A web security firm has identified roughly 40,000 legitimate websites that cybercriminals have hacked to redirect visitors to an exploit site called Beladen. Similar to the Gumblar attacks, the hacked websites point to a domain where visitors are infected with malware.

Beladen and Gumblar now appear to mark a new trend - mass compromises of websites that convert them into a type of botnet of infected sites, rather than botnets of hacked PCs, security experts said.

The Beladen domain attempts to infect PCs through older, vulnerable browser versions and third-party applications like QuickTime and Winzip.

Security vendor Websense warned on its blog last week that Beladen had compromised about 20,000 websites, a number which has since doubled in size.

The hacked sites have been injected with malicious, obfuscated code that leads to a site which uses a similar domain name to the legitimate Google Analytics domain, which records the user's browsing statistics for the attacker, researchers said.

That site then redirects users to Beladen, where the malware is uploaded.

"Following the recent Gumblar attack, we know that mass injections are nothing new, but these are becoming more popular and more common," a Websense researcher wrote in a blog Monday.
ADNFCR-1765-ID-19198726-ADNFCR

Related News:

Researchers: Malware attackers reloading for Windows 7 assaults - 11.20.2009
A report issued yesterday by computer security firm Symantec says that hackers are undoubtedly reworking their malicious software to target Windows 7 as more users switch to the latest version of Microsoft's flagship OS.

Want to secure your iPhone against intruders? There's an app for that - 11.20.2009
Cisco Systems today released a free iPhone app that will allow users to receive security updates and the latest news on web threats, as well as aggregating additional security related content for iPhone users.

Microsoft says 64-bit versions of Windows are harder to infect - 11.19.2009
Members of Microsoft's security team write that 64-bit editions of Windows are much less susceptible to malware attacks, but outside experts caution that 64-bit malware could be the next big thing in cyber crime.

Google coming down hard on malicious advertisers - 11.18.2009
Search giant Google has said that it will lay down the law where scam artists and malvertisers are concerned: Permanent bans will be the result of any fraudulent activity on the company's AdWords service.

If at first you don't succeed: Most malware protection fails first round of certification testing - 11.17.2009
A study performed by security testing and research firm ICSA Labs says that almost four out of five computer security products fail their first certification tests and need to be retooled for a second and sometimes a third attempt.
View Related Resources
Or
Watch an Online Demo
Or
Have us call you now