Security researchers from AegisLab have noticed that more than 300 websites have been compromised and altered to host malicious mail.htm or upload.htm files.
Embedded
iframes ensure that drive-by-download attacks are launched each time these pages are visited. Victims are redirected to various Russian websites and discussion boards.
The piece of malware involved in this campaign is a variant of the infamous Cridex worm which is currently identified by around 30 of the 42 vendors present on
VirusTotal.
Experts have determined that the sites have been hijacked by the cybercriminals because they use outdated software packages.
Out-of-date software is also the reason for which hackers have managed to
compromise Reuters’ blogging platform.
According to SC Magazine, they still haven’t upgraded their WordPress 3.1.1 installation.
Find us on Google+
No user comments yet.
Be the first to express your opinion!
