New malware attack infecting Web sites

Somewhere around 40,000 Web sites have apparently been infected with code that redirects visitors to sites hosting malware, according to a security firm.

Security firm Websense has put out an advisory warning Web site owners about malicious code that redirects surfers to seemingly safe sites.

About 40,000 Web sites appear to have been compromised with rogue JavaScript code that redirects Web surfers to a fake Google Analytics site, after which they get passed onto a site that tries to exploit Internet Explorer or Firefox vulnerabilities to infect that PC with malware, according to a Websense researcher quoted by Computerworld. Just for good measure, if the site can't find a browser vulnerability, it tries to trick the user into downloading a Trojan.

It's not clear how the sites were compromised, but Computerworld reported the redirect sites are being hosted in the Ukraine, implying that the Russian Business Network is behind the threat.

This is a separate scam from the Gumblar attack that made the rounds last week, according to Websense.

Tags:
Security
About the author

    Tom Krazit writes about the ever-expanding world of Google, as the most prominent company on the Internet defends its search juggernaut while expanding into nearly anything it thinks possible. He has previously written about Apple, the traditional PC industry, and chip companies. E-mail Tom.

     

    ARTICLE DISCUSSION

    Conversation powered by Livefyre

    Don't Miss
    Hot Products
    Trending on CNET

    Hot on CNET

    CNET's giving away a 3D printer

    Enter for a chance to win* the MakerBot Replicator 3D Printer and all the supplies you need to get started.