hacked, redirects users to malware-laden sites

Summary: The attack follows word at Russian underground forums that root access to was being sold for US$3,000.

The high-profile web site was hacked and rigged to redirect users to malware-laden sites, according to warnings from security researchers.

The attack, spotted by researchers at Armorize, follows word at Russian underground forums that root access to was being sold for US$3,000.

The hacker selling access to boasts that the site attracts about 12 million users per month (39,000 per day).

The malware infection, done via iFrame redirection, was active for most of Monday morning but by 3:00PM Eastern, the site appeared to be cleaned.

Armorize researchers found that a multi-step site redirection was being used to push visitors to a domain hosting the notorious BlackHole exploit pack.


It exploits the visitor's browsing platform (the browser, the browser plugins like Adobe Flash, Adobe PDF, etc, Java, ...), and upon successful exploitation, permanently installs a piece of malware into the visitor's machine, without the visitor's knowledge. The visitor doesn't need to click or agree to anything; simply visiting with a vulnerable browsing platform will result in an infection.

The BlackHole exploit kit, available to cyber-criminals for a $1,500 annual licensing fee, is typically used to infect site visitors via drive-by downloads.



Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content managem... Full Bio
