0
Quote
Security researchers claim that a mass attack of websites is much worse than was feared. According to ScanSafe, the attack has affected at least 10,000 sites...
...according to ScanSafe's data, approximately 10,000 sites hosted on Linux servers running Apache, most likely with purloined log-in credentials. Those servers have been infected with a pair of files that generate constantly-changing malicious JavaScript. When visitors reach the hacked site, the script calls up an exploit cocktail that includes attack code targeting recent QuickTime vulnerabilities, the long-running Windows MDAC bug, and even a fixed flaw in Yahoo Messenger.
...according to ScanSafe's data, approximately 10,000 sites hosted on Linux servers running Apache, most likely with purloined log-in credentials. Those servers have been infected with a pair of files that generate constantly-changing malicious JavaScript. When visitors reach the hacked site, the script calls up an exploit cocktail that includes attack code targeting recent QuickTime vulnerabilities, the long-running Windows MDAC bug, and even a fixed flaw in Yahoo Messenger.
http://www.techworld.com/security/news/ind...11184&email
