  • 18 January 2008: Poisoned Websites Attack Visitors

    Small ecommerce sites are being compromised with code that infects visitors' PCs.

    Estimates of how many websites have been infected vary: security researchers at Scansafe predict that it could be around 230, whereas researchers at Secure Works and Finjan believe that the figure may be as high as 10,000.

    Once installed on a Windows machine, the malicious code can steal passwords, browser data, and login names for bank accounts and even online games. The attack is proving hard to defend against, both for the sites being infected and for the PC users who are caught out.

    All of the infected websites use the same type of server and open source content management software. However, security experts are still unable to determine all the ways that the sites are being compromised.

    Mr Ben-Itzhak, Chief Technology Officer at Finjan, said that "they are trying to exploit known vulnerabilities in open source content management software that the sites are using". Being able to identify the attack code on a site was extremely difficult, he said, because every time a new user visited, the code got a new, random five-character name. So if a visitor returned, then the malicious code identified them and did not launch a second attack.

    Hosting companies that own and run the servers on which small ecommerce firms place their websites need to treat their security measures as a priority, rather than as something that they merely have to do, if such threats are to be dealt with.
