 |
|
| CURRENT SECTION :: TechZone |
The No. 1 Resource for UK IT Contractors: Comprehensive guides - Daily news IT contract jobs - Market rates - Forums - IT contractor network - Calculators |
|
 |
Nearly half of all the infections found on legitimate websites in the UK in the last week were the work of a single, newly-released Trojan horse program. Scaling the size of their discovery, security experts said the attacker - Troj/JSRedir-R - has claimed six times as many victims as its nearest rival in almost as many days. Having “blown all previous web-based malware out of the water,” the Trojan is now the most widespread web-based threat for more than a year, according to Sophos. It is typically found on genuine, high-traffic websites, hidden behind obfuscated JavaScript, and silently loads malicious content from other sites onto a visitor’s PC. One user who saw JSRedir-R drag malicious code onto his desktop started downloading malware from a site called Gumblar.cn, inspiring some to dub the threat ‘Gumblar.’ The resulting malware could have been used to steal sensitive information for financial gain, to commit identity theft or to meddle with search engine results. The potential damage of the Trojan, thought to prefer sites with graphic content, explains why it is “essential” to scan every site for malicious code before users visit it. Addressing webmasters, Sophos said ensure the site is properly hardened to prevent the injection of malicious code into its pages, or risk passing the infection to visitors. If the site is already infected, take the site down; replace its contents with a clean back up; change all passwords, including FTP credentials; patch all software and reload it. May 19, 2009 Email this article Printer friendly page Previous Page
|
|
|
||||||||||||||||||||||||||||
| All content © Contractor UK Limited | [Archive] | [Register for News Letter] | [Privacy Statement] | [Terms of Use] | [Top of Page] |