Malicious Widget Hacked Millions of Web Sites<http://www.technibble.com/malicious-widget-hacked-millions-of-web-sites/>
Posted: 16 Aug 2010 04:32 PM PDT <http://www.technibble.com/go/laptop-repair-videos.php> As many as five million web sites hosted by Network Solutions have been serving malware, reports ComputerWorld<http://www.computerworld.com/s/article/9180783/Malicious_widget_hacked_millions_of_Web_sites?taxonomyId=17>. Wayne Huang, co-founder and CTO of Armorize Technologies, estimates the numbers of infected sites to be between 500,000 and 5 million. The attack could be one of the largest drive-by download infections yet. Hung’s firm originally tracked the malware to a widget installed by Network Solutions on its GrowSmartBusiness.com site and later found that the widget had been installed on all parked domains. Parked domains are sites that have been registered but lack any content. Malware makers and scammers have used these sites in the past to serve malware or artificially boost search rankings. The widget turned every infected domain into a drive-by attack site that launched the multi-exploit “Nuke” toolkit against users running Internet Explorer, Firefox, Chrome and Opera. If the kit successfully hacked the browser, a Trojan downloader hit the Windows PC, searches were redirected and pop-up advertisements appeared. The Trojan downloader that was identified by anti-virus programs turned out to be a variation of the Koobface virus that is more commonly seen on Facebook, along with it was a malicious script that only targeted IPs from Hong Kong and Taiwan. The attack numbers are more likely on the high end of the estimation because search engines were used to estimate how many sites had the widget and they generally don’t like to index parked domains. In response to the attacks Network Solutions has disabled the widget on all parked domains and took down the GrowSmartBusiness.com site. The attack isn’t entirely cleaned up yet; the malicious script remains and the widget is still on 5,700 active sites that manually installed it. Network Solutions issued a security alert<http://blog.networksolutions.com/2010/security-alert-malware-found-on-widget/>about the widget that tells customers to remove it and scan for malware. © Technibble - A Resource for Computer Technicians<http://www.technibble.com/>to start or improve their computer business <http://www.technibble.com/> To get started with your own computer business, check out our Computer Business Kit<http://www.technibble.com/products/computer-business-kit/?ap_id=rss>. Malicious Widget Hacked Millions of Web Sites<http://www.technibble.com/malicious-widget-hacked-millions-of-web-sites/> -- *Daniel E. Ragen District Technology Coordinator* *Dupo CUSD 196 600 Louisa Ave Dupo, IL 62239 Phone - 618-286-3214 x2141 *[email protected] 'My reading of history convinces me that most bad government results from too much government.' Thomas Jefferson
| Subscription info at http://www.tech-geeks.org |
