Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in you inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
  • Go

ASP.NET Assaults Strike Over 1m Websites

Google discloses a bulk contamination spree that disrupted innumerable websites using malware, which attacked ASP.NET or ASP Web-application protocols, published Softpedia dated October 13, 2011.

Essentially, more than 600,000 websites were affected when an SQL-insertion assault targeted ASP.NET sites. And during the period when Armorize publicized this finding, merely 6 security firms from a total of 43 managed to identify the malicious program.

Apparently, the contamination involves a code insertion inside online sites that hospitals, restaurants along with other small-sized companies operate as well as implanting of a web-link, that's invisible, into users' web-browsers that lead onto sites like nbnjkl.com as well as jjghui.com.

These sites too then divert onto many other sites like www2.safetosecurity.rr.nu and www3.strongdefenseiz.in, which have concealed malware for abusing known security flaws within Java, Flash or PDF of Adobe.

Disturbingly, internauts having expired components in browsers become immediately contaminated whilst they access any from among the hijacked websites. This is devoid of even their perception of the cause of the attack as also despite the drive-by assault apparently hitting just those Internet sites that rely on the aforesaid protocols.

The hijacked websites are falsely named "James Northone" during registration that's the identical bogus name utilized during the LizaMoon assaults of April 2011.

Specifically according to Securi a security firm, the registration details related to the URLs utilized within the assault in question exactly represent those utilized for the previous LizaMoon URLs. Consequently, LizaMoon assaults' impact on about 1.5m weakened websites was the same when malware on those websites diverted visitors onto BHSEO-poisoned sites that served malicious payloads.

Luckily, Australian websites mainly remained free from infection during both assaults.

Meanwhile, security specialists say that for resident Internet operators, who've safeguard measures installed, should remain secured since when some anti-virus agencies become aware of a malware, others will closely follow as well as fast blacklist the malware learnt as causing destruction.

But, incase end-users haven't still completed the installations, they must speedily make their browsers up-to-date along with Java and Adobe Flash, since often, attackers exploit the flaws within the previous editions for delivering such several drive-by threats related to browsers.

Related article: ACP/ BOA Provide Tips to U.S. Taxpayers

ยป SPAMfighter News - 26-10-2011

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next