Mass Hack Hits 200,000 Web Pages

New exploit differs significantly from last week's ASP-oriented attacks, McAfee says

Dark Reading Staff, Dark Reading

March 18, 2008

1 Min Read
Dark Reading logo in a gray background | Dark Reading

Another variation on a recent hacking theme: McAfee is reporting another mass attack on Websites, this one using JavaScript.

The new attack already has hit some 200,000 Web pages, mostly those using phpBB technology, McAfee's Avert Labs research arm reported in its blog.

After a long trend toward targeted exploits, hackers appear to have rediscovered the mass attack, researchers say. Two weeks ago, researcher Dancho Danchev reported a number of attacks on ZDnet sites via iFrame. Then last week, McAfee reported a mass attack that infected more than 10,000 Websites (See McAfee Warns of Mass Web Attack.)

The previous attacks targeted Active Server Pages (.ASP), but the new attacks focus on JavaScript and phpBB, McAfee said.

"The ASP attacks are different than the phpBB ones in that the payload and method are quite different," the blog stated. "Various exploits are used in the ASP attacks, where the phpBB ones rely on social engineering." The new attack can best be described as a Trojan, the company said.

— Tim Wilson, Site Editor, Dark Reading

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights