New malware attack infecting Web sites

Somewhere around 40,000 Web sites have apparently been infected with code that redirects visitors to sites hosting malware, according to a security firm.

Security firm Websense has put out an advisory warning Web site owners about malicious code that redirects surfers to seemingly safe sites.

About 40,000 Web sites appear to have been compromised with rogue JavaScript code that redirects Web surfers to a fake Google Analytics site, after which they get passed onto a site that tries to exploit Internet Explorer or Firefox vulnerabilities to infect that PC with malware, according to a Websense researcher quoted by Computerworld. Just for good measure, if the site can't find a browser vulnerability, it tries to trick the user into downloading a Trojan.

It's not clear how the sites were compromised, but Computerworld reported the redirect sites are being hosted in the Ukraine, implying that the Russian Business Network is behind the threat.

This is a separate scam from the Gumblar attack that made the rounds last week, according to Websense.

Tags:
Security
About the author

    Tom Krazit writes about the ever-expanding world of Google, as the most prominent company on the Internet defends its search juggernaut while expanding into nearly anything it thinks possible. He has previously written about Apple, the traditional PC industry, and chip companies. E-mail Tom.

     

    Join the discussion

    Conversation powered by Livefyre

    Show Comments Hide Comments
    Latest Galleries from CNET
    Bento boxes and gear for hungry geeks (pictures)
    The best tech products of 2014
    Does this Wi-Fi-enabled doorbell Ring true? (pictures)
    Seven tips for securing your Facebook account
    The best 3D-printing projects of 2014 (pictures)
    15 crazy old phones from a Korean museum (pictures)