» IT Security NEWS
 
» 30 May 2009
PC Super Plague Claimed 30,000 Victims
A notorious infection that tries to install as many malware programs on a visitor's computer as it possibly can has already contaminated about 30,000 websites and counting, including sites run by the government, private corporations, and many other organizations, security experts cautioned on Friday.

Stephan Chenette, a manager for security research at the WebSense security firm, hypothesizes that the malicious payload is covertly placed as harmful JavaScript on the homepage of sites by exploiting a common program flaw that results in an SQL injection. The injected script is made to look like the code used for Google Analytics, and it even uses obfuscation to make it harder for security tools to detect its presence.

Visitors to the compromised sites are secretly redirected to servers that examine the user's computer. Based on that analysis, the servers attempt to take advantage of one or more of about ten different unfixed bugs on the user's computer. If there aren't any bugs available to exploit, the server sends a popup window claiming that the PC is infected with viruses, in an effort to trick the surfer into installing malware that pretends to be an anti-virus program.

The fake anti-virus software utilizes polymorphic methods to continually change its digital signature, enabling it to avoid discovery by a large number of actual anti-virus applications. Doing Google searches to weed out the JavaScript code via common variables or strings is an exercise in futility.

Chenette surmises that the normal, non-tech-savvy user will find it difficult if not altogether impossible to tell whether the suspicious JavaScript code he has found is harmful or not and what it's for. Because of the plague-like infection's many contingency plans and adaptable nature, the WebSense manager expects it to spread and get worse in the coming weeks.

The infection has many similarities to the modus operandi of the mass website compromise named Gumblar, which also makes use of obfuscated JavaScript and SQL injections to compromise legitimate sites in order to spread itself to computer systems and make botnets out of entire Internet networks. WebSense estimates that Gumblar has so far spread to about 60,000 sites, which is about double the number that the as-yet-unnamed infection has compromised.

 

