14 DAY TRIAL // A couple of weeks ago, Sophos experts identified a cybercriminal campaign that relied on rogue Apache modules that pushed iFrame injections in an effort to direct the visitors of compromised websites to the BlackHole exploit kit.
The researchers say one of the websites affected by this attack is Seagate’s blog (smb.media.seagate.com).
Seagate was informed of the breach back in February, but so far, the company has failed to remove the malicious iFrame detected by Sophos as Mal/Iframe-AL.
Experts say that many webmasters fail to clean up the infection because it’s not easy to spot.
“It would seem that certain checks are done by the malicious Apache module, meaning that the malicious iFrame is only injected into outbound HTML/JS content when certain conditions are met,” Sophos’ Paul Baccas explained in a blog post.
A few days ago, Google launched a new resource center to help web admins protect their websites and clean them up in case they were hacked. If you're a webmaster, be sure to check it out.