 Yet another new malware attack, Rogue JavaScript on Websites |
Welcome Guest ( Log In | Click here to Register a free account now! )
Register a free account to unlock additional features at BleepingComputer.com
Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.  |
 Jun 2 2009, 08:27 PM
Post
#1
|
|
|
Forum Addict  Group: Members Posts: 1,137 Joined: 20-May 07 Member No.: 131,989  |
QUOTE About 40,000 Web sites appear to have been compromised with rogue JavaScript code that redirects Web surfers to a fake Google Analytics site, after which they get passed onto a site that tries to exploit Internet Explorer or Firefox vulnerabilities to infect that PC with malware, according to a Websense researcher quoted by Computerworld. Just for good measure, if the site can't find a browser vulnerability, it tries to trick the user into downloading a Trojan. http://news.cnet.com/8301-1009_3-10255226-...g=2547-1_3-0-20 Made title more descriptive and added informative paragraph from article. ~ OB This post has been edited by Orange Blossom: Jun 8 2009, 12:17 PM |
 |
 
|
|
Jun 3 2009, 04:19 AM
Post
#2
|
|
|
Member Group: Members Posts: 111 Joined: 31-January 09 Member No.: 289,417 |
Its like every other day we see one of these....
 Thanks for keeping up informed though. |
|
|
|
|
Jun 5 2009, 01:40 PM
Post
#3
|
|
 Distinguished Member Group: Members Posts: 780 Joined: 24-February 09 From: Miami, Florida Member No.: 300,479 |
Theres that other one, called Gumblar, which sounds severe aswell..
-------------------- Who said I couldn't have everything?
|
|
|
|
|
Jun 28 2009, 10:15 PM
Post
#4
|
|
 Senior Member Group: Members Posts: 586 Joined: 12-September 06 From: Northern Ohio Member No.: 85,011 |
Sun micro syatems don't seam to care, they never do any thing about it. I don't really know its a Sun micro problem or a Google problem. We still have a security problem with Java in Adobe and it's been there a long time.
|
|
|
|
|
Jul 3 2009, 12:39 AM
Post
#5
|
|
 Guru at being a Newbie Group: HJT Team Posts: 5,916 Joined: 8-April 04 Member No.: 96 |
QUOTE(Layback Bear @ Jun 28 2009, 10:15 PM)  Sun micro syatems don't seam to care, they never do any thing about it. I don't really know its a Sun micro problem or a Google problem. We still have a security problem with Java in Adobe and it's been there a long time. Don't confuse JavaScript with Java or the Java runtime environment. They are two separate things. http://en.wikipedia.org/wiki/Javascript Altho there is a relationship there, JavaScript was developed by Netscape. It is just a scripting language, so even if Sun did develop the language, they have no control over what the bad guys do with it. The blame rests solely on the shoulders of the perpetrators, not Sun or Google. There are other reasons to yell at Sun, but this is not a bug or unpatched vulnerability in their runtime environment, so they don't deserve it in this case. 
-------------------- Put the lime in the coconut and drink 'em both together
Put the lime in the coconut, then you'll feel better. --Harry Nilsson Papa was a rolling stone. Where ever he laid his hat was his home. --The Temptations |
|
|
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
| Lo-Fi Version | Time is now: 8th November 2009 - 04:38 AM |
© 2003-2009 All Rights Reserved Bleeping Computer LLC.