Mass Hack Hits 200,000 Web Pages
New exploit differs significantly from last week's ASP-oriented attacks, McAfee says
Another variation on a recent hacking theme: McAfee is reporting another mass attack on Websites, this one using JavaScript.
The new attack already has hit some 200,000 Web pages, mostly those using phpBB technology, McAfee's Avert Labs research arm reported in its blog.
After a long trend toward targeted exploits, hackers appear to have rediscovered the mass attack, researchers say. Two weeks ago, researcher Dancho Danchev reported a number of attacks on ZDnet sites via iFrame. Then last week, McAfee reported a mass attack that infected more than 10,000 Websites (See McAfee Warns of Mass Web Attack.)
The previous attacks targeted Active Server Pages (.ASP), but the new attacks focus on JavaScript and phpBB, McAfee said.
"The ASP attacks are different than the phpBB ones in that the payload and method are quite different," the blog stated. "Various exploits are used in the ASP attacks, where the phpBB ones rely on social engineering." The new attack can best be described as a Trojan, the company said.
— Tim Wilson, Site Editor, Dark Reading
About the Author
You May Also Like
DevSecOps/AWS
Oct 17, 2024Social Engineering: New Tricks, New Threats, New Defenses
Oct 23, 202410 Emerging Vulnerabilities Every Enterprise Should Know
Oct 30, 2024Simplify Data Security with Automation
Oct 31, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024