JavaScript malware infecting various websites

By Dan Kaplan on Feb 6, 2007 1:32 AM
Filed under Web/client

Dozens of unrelated websites contain malicious scripts that attempt to infect users' machines with malware, security experts said today.

The reports come two days after the highly trafficked website for Dolphin Stadium, host of today's Super Bowl, was infected with a JavaScript-enabled keylogging trojan that took advantage of two previously patched Microsoft vulnerabilities.

In a blog post today, Marcus Sachs, director of the SANS Internet Storm Center, listed about 50 sites that contain the malicious pointers.

He urged system administrators to block network traffic to the sites until it can be confirmed they are free of malware. Users can be infected simply by visiting the websites.

Mikko Hypponen, chief research officer at F-Secure, said some of the hacked sites relate to the Super Bowl.

Sachs, meanwhile, reported that a number of attacks are targeting hospital or medical care sites.

Click here to email reporter Dan Kaplan.


Keywords
javascript, malware, infecting, various, websites
Related

What are your thoughts on this article? Add your comment below.

To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.

NOTE: You must be a registered member of SC Magazine to post a comment.

Click here to login | Click here to register
comments powered by Disqus
Sign up to receive SC Magazine email newsletters
   FOLLOW US...
Most Read