[ insider_reports_insider ]
Chinese Sites Hit With Script Injections
David Utter
Staff Writer
2008-05-19
 Insider Reports RSS Feed
A malware attack using a Javascript injection to exploit several old flaws targeted over 327,000 sites in Asia.
 | | Chinese Sites Hit With Script Injections |  |
China, Taiwan, Hong Kong, and Singapore saw attacks attempting to gain access to machines in a massive wave of attempts. The drive-by nature of the attack makes it a dangerous prospect for people, who are infected silently by the script injection.
Security vendor Trend Micro said the weekend assault tried to infect systems through old vulnerabilities. In one example, Trend Micro noted how the injection attacked a knows Microsoft Data Access Components flaw, MS06-014,
The 06 in Microsoft's name for the issue indicates a patch has been available for this for a couple of years. Unless someone is running a pirated version of Windows, there doesn't seem to be any reason to leave this particular flaw unfixed for so long (though we're certainly open to other opinions, drop us an email if you have a suggestion.)
Malware downloaded by the Javascript also appears to attack RealPlayer and other media software. Trend Micro said two of the exploits being delivered specifically target Chinese-language software, which suggested the geographical targeting as noted previously.
The massive compromise already has a place in Google. Trend Micro found more than 327,000 pages containing the malicious script tag resulting from these infections.
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
