Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Full Disclosure: Massive IFRAME SEO Poisoning Attack Continuing

Massive IFRAME SEO Poisoning Attack Continuing

From: Dancho Danchev <dancho.danchev_at_gmail.com>
Date: Thu, 27 Mar 2008 18:42:02 -0800

Following last week's, massive SEO poisoning combined with IFRAME
injections due to input validation flaws at sites with high pageranks,
these are the very latest high profile sites successfully injected
with IFRAMES forwarding to the rogue security software and Zlob
malware variants like the one in the previous campaigns are :

USAToday.com, ABCNews.com, News.com, Target.com, Packard Bell.com,
Walmart.com, Rediff.com, MiamiHerald.com, Bloomingdales.com,
PatentStorm.us, WebShots.com, Sears.com, Forbes.com, Ugo.com,
Bartleby.com, Linkedwords.com, Circuitcity.com, Allwords.com,
Blogdigger.com, Epinions.com, Buyersindex.com, Jcpenney.com,
Nakido.com, Uvm.edu, hobbes.nmsu.edu, jurist.law.pitt.edu,
boisestate.edu

And this is the latest assessment of the situation in terms of the
malware served and the domains/IPs involved :

http://ddanchev.blogspot.com/2008/03/massive-iframe-seo-poisoning-attack.html

Regards 

-- 
Dancho Danchev
Cyber Threats Analyst/Blogger
http://ddanchev.blogspot.com
http://windowsecurity.com/Dancho_Danchev
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Received on Mar 28 2008
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]