Half-Million IIS Servers Hit in Cyber Attack
Andy Patrizio writes on internetnews.com:
A massive cyberattack is targeting vulnerable Internet Information Server-based Web pages by redirecting visitors to the site toward one hosting malicious code, and it's growing rapidly.More here.
When Panda Security first noted the infestation, it put the number of infected IIS servers at 282,000. Not even a day later and security firm F-Secure wrote its own blog entry, putting the infestation at over 500,000.
The worst part of it all is that these infestations are not in seamy Web sites, they are taking place in legitimate Web pages. An IFRAME redirects the user to another page, where identity-stealing malware is downloaded onto their computer. So even users who think they are staying clean are not safe.
The vulnerability in IIS, developed by Microsoft, allows hackers to inject SQL code to manipulate legitimate Web pages. This code adds an IFRAME to redirect the user to a malicious Website that scans their computer for vulnerabilities and then downloads and installs malware that can get passed the user's defenses.
1 Comments:
I have been reading all I can about cyber attacks and warfare. The former Chief Strategist of Netscape - Kevin Coleman - has warned that we are at great risk in business, government and industry. Why is it we never listen to the experts before it is too late?
Post a Comment
<< Home