90,000+ pages compromised in mass iFrame injection attack

Security researchers from Armorize have intercepted a currently live mass iFrame injection attack, affecting over 90,000 Web pages.

Security researchers from Armorize have intercepted a currently live mass iFrame injection attack, affecting over 90,000 Web pages.

Once the users visits an affected page, a number of javascript redirectors lead the user to a client-side exploits serving page.

How did the attack take place? Malicious attackers are either abusing input validation flaws within the vulnerable sites, or have been harvesting botnets for stolen FTP credentials in order to embed the pages with the malicious iFrame.

Go through related posts:

The iFrame domain willysy(dot)com is currently flagged as malicious.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All