March 13, 2008
McAfee has uncovered a script injection attack on some 10,000 Web pages, apparently designed to help attackers steal passwords from online gamers.
"This attack involves injection of script into valid Web page to include a reference to a malicious .JS file (sometimes in the body, other times in the title section)," said McAfee's Avert Labs in a blog. "The .JS file uses script to write an IFRAME, which loads an HTML file that attempts to exploit several [existing] vulnerabilities."
"This is one of those cascading threats, where one page leads to another and another, which leads to an executable, which leads to another and another," McAfee said. "At least one of the payload Trojans targets online gamers."
The attack appears to emanate from China, according to McAfee.
The approach is similar to the attack that hit the Miami Dolphins and Dolphins Stadium before the Super Bowl, McAfee says. The Web pages appear to be unaltered, but the attackers inject a small amount of code that redirects the browser to a malicious site.
The site then loads a password-stealing Trojan on the user's machine that can find passwords to popular online games, McAfee says.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.
About the Author(s)
You May Also Like
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
What's In Your Cloud?Nov 30, 2023