Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Cybercriminals Compromise Official Website of jQuery

HELP NET SECURITY reported on 23rd September, 2014 stating that jQuery.com, the certified website of the renowned cross-platform JS (JavaScript) library of the same name had been hijacked and redirecting visitors to a malicious site hosting the RIG exploit kit and eventually delivering data stealing malware.

RiskIQ, a Risk management software company, reported that jQuery.com was attacked and said that the redirected page in question, jquery-cdn(.)com was still alive and redirecting visitors. RiskIQ confirmed that it has informed jQuery.com about the attack.

Threatpost.com reported on 23rd September, 2014 quoting James Pleger, Director of Research, as saying "victims were compromised in a drive-by download attack at the jQuery website which was redirecting browsers to the site hosting RIG."

RIG was discovered early this year and like other exploit kits, it targets vulnerabilities in popular applications like Java, Microsoft's Internet Explorer, Adobe Flash and Silverlight programs.

Attackers found the website of jQuery weak and injected malicious JavaScript which redirects victims. RiskIQ said that it detected malware on compromised machines which steals credentials and other data.

The security firm says that the jQuery library itself doesn't look to be affected by the attack but the malware infected the website and advised those who visited the website during the apparent attack to re-image their machines.

SecurityWeek published news on 23rd September, 2014 quoting Pleger as saying "RiskIQ consulted researchers of Dell and determined that the malware which is being served in this particular attack is Andromeda."

Pleger said that the attack affected companies in several sectors like technology, banking and defense. Although the security firm RiskIQ hasn't been able to identify all the victims of this campaign, they have identified all the affected companies and informed them.

RiskIQ observed that it is particularly disturbing to discover information embezzling malware on jQuery.com because of the demographic of jQuery visitors (who are) usually web developers and IT systems administrators including huge contingent working within enterprises.

Obviously, these individuals have privileged access to backend systems, web properties and other critical infrastructure.

Planted malware which can steal credentials from systems owned by privilege account holders inside companies could allow attackers to mutely compromise systems of enterprise which is same as happened in the infamous Target breach.

ยป SPAMfighter News - 10/3/2014

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page