Yet another Hack Attack on Network Solutions Users

The security team of Network Solutions is confronting a baffling attack which has promptly infected scores of websites hosted by it with malware.

According to StopMalvertising, a large number of websites were infiltrated by a malware script which infuses an iframe into the website pointing to corpadsinc.com. Here, the victims receive Adobe PDF exploits. They appear to have added a cookie, most likely to thwart malware URL analysis on itself.

Scores of infected websites contain encoded javascript. This javascript surreptitiously tries to install malicious software on the systems of the visitors. Security researchers on April 18, 2010, noticed over 50 websites compromised through malware javascript.

These attacks are accountable for nearly 3.7% of the Web-based malware attacks halted by ScanSafe, a Cisco-owned security service. The attack has affected nearly 17.5% of ScanSafe customers. Mary Landesman of ScanSafe said that translated, which signifies that though it's not affecting the bulk of enterprise's users, for the companies it is affecting, the encounter rate is significant, as per the news published by The Register on April 19, 2010.

It's only a few days after a massive hack targeted websites hosted by Network Solutions, which were running WordPress publishing. The former infection sparked off a round of recriminations and finger-pointing among the executives and researchers from WordPress and Network Solutions on who was accountable for the security lapse.

It is worth noting that now the WordPress customers are not the only sufferers, websites that use Joomla and simply the plain old HTML are also being aimed.

Network Solutions knows about the trouble, and it is working to mend it. However, they decline to give further details regarding the attack as any revelation might help the attackers.

Experts said that though Network Solutions commented on the media in the second week of April, for accusing this on Network Solutions, or WordPress itself should understand that for its own status, it must always consider the following attitude - while providing any of its services, defend the consumer from himself', said Dancho Danchev, an independent security consultant, as reported by The Register on April 19, 2010.

Related article: Youth’s Bank Account Used in Transferring Phished Funds

» SPAMfighter News - 4/30/2010