Cyber-criminals hack US Media Websites for Redirection Assaults

According to security experts, cyber-crooks recently compromised websites belonging to popular U.S. media companies and used them for diverting visitors onto malware-serving sites, published softpedia.com, May 7, 2013.

Also, as per these experts, the hijacked websites comprise URLs of Federal News Radio, WTOP Radio, Real Clear Science, The Christian Post, Real Clear Policy, one picture aggregator, one well-known scuba diving organization, and more, all Washington-based.

The cyber-criminals inserted an obfuscated JavaScript inside the websites to unleash an iFrame, which diverted end-users onto a ZeroAccess Trojan-delivering website or another serving bogus anti-virus. Investigators at Zscaler a security company theoretically assume that they possibly relate with certain common backend ambience.

Zscaler elaborates that assaults targeting consumers normally rely on social engineering
tricks following which potential victims most necessarily should be persuaded towards accessing certain website, taking down certain file, and so on. Consequently, the assaulters will create one script that'll thoroughly search the Web while seeking well-known websites having an identical vulnerability as also whilst detected, insert malware inside such sites. Like this, anybody accessing the lawful website that has been contaminated may turn into a victim, the company explains. Help Net Security published this, May 7, 2013.

Zscaler further states there's another identical feature about the assaults, i.e. the compromised websites receive the hosting service of robust Domain Name System (DNS)providers as also that the diversion assaults start off solely when detection occurs of potential victims browsing through Internet Explorer. For any other Web-browser, the assaults don't happen.

Remarking about these assaults, Security Engineer Eddie Mitchell at Invincea another security firm stated that compromises similar to those were especially hard for detecting. More assaults, which might attempt at enticing end-users onto fake sites, could get easily eschewed via ordinary anti-malware. However, by attacking websites, which people believed as also accessed habitually, the attackers had an improved opportunity towards bypassing those defenses. Washingtonpost.com reported this, May 7, 2013.

Moreover, according to Mitchell, considering how immensely miscreants concentrated on WordPress since long while trying to compromise lawful URLs so as to divert web-traffic onto malicious pages, the above assaults weren't any surprise. Threatpost.com reported this, May 7, 2013.

» SPAMfighter News - 5/14/2013