The so-called "mass-injection" attacks, which experts say is the largest of its kind ever seen, has managed to insert malicious code into web sites with access to a database server running behind the Internet, according to security technology companies that find it.
Websense, who first found evidence of an attack earlier this week, has been called 'LizaMoon,' it after the site first malicious code directed at researchers.
Users can see that they are being redirected when they try to visit the address of the infected, and can close the window without ill effects, said Patrik Runald, a senior manager of security research at Websense.
The attacks have been heavily influenced small website so far, he said, with no evidence that the company's website or popular government has been compromised.
If the user does not close the window after typing the address of the infected, or click the link that is infected, they are redirected to a page displaying a warning from 'Windows Stability Center' - disguised as a security product Microsoft Corp. - that there are problems with their computers and they are urged to pay for the device software to fix it.
Websense said the site seems governed by sophisticated fraudsters out to make money, but it is unclear whether the site was also planted malicious software on the user's computer if they make a purchase on the site, or if the operation was associated with identity theft scam.
Presentation of the fake website, as indicated by Websense, high quality but it is clear fraud. Microsoft does not have a product called 'Windows Stability Center ". The company did not immediately have a comment about the attack.
Websense says some third-party Web address that contains information about the podcasts available on Apple Inc's iTunes service has been uncovered, but said Apple appears to have prevented a malicious link from working. Apple did not respond to requests for comment.
The attacks may take some time to be domesticated, warned Runald, as researchers first must identify the affected software, and then the website operator must install updated software.
"Attacks such as these tend to stay for a very long time," he said. "Once they were on to something, he tends to stay with us will not be lost LizaMoon event for a day .."
No comments:
Post a Comment