Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Massive IFRAME SEO Poisoning Attack Continuing

From: "Dancho Danchev" <dancho.danchev () gmail com>
Date: Thu, 27 Mar 2008 18:42:02 -0800
Following last week's, massive SEO poisoning combined with IFRAME
injections due to input validation flaws at sites with high pageranks,
these are the very latest high profile sites successfully injected
with IFRAMES forwarding to the rogue security software and Zlob
malware variants like the one in the previous campaigns are :

USAToday.com, ABCNews.com, News.com, Target.com, Packard Bell.com,
Walmart.com, Rediff.com, MiamiHerald.com, Bloomingdales.com,
PatentStorm.us, WebShots.com, Sears.com, Forbes.com, Ugo.com,
Bartleby.com, Linkedwords.com, Circuitcity.com, Allwords.com,
Blogdigger.com, Epinions.com, Buyersindex.com, Jcpenney.com,
Nakido.com, Uvm.edu, hobbes.nmsu.edu, jurist.law.pitt.edu,
boisestate.edu

And this is the latest assessment of the situation in terms of the
malware served and the domains/IPs involved :

http://ddanchev.blogspot.com/2008/03/massive-iframe-seo-poisoning-attack.html

Regards
-- 
Dancho Danchev
Cyber Threats Analyst/Blogger
http://ddanchev.blogspot.com
http://windowsecurity.com/Dancho_Danchev

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: