Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
JavaScript Injection Attack Infects 'Hundreds of Thousands' of WebsitesJavaScript Injection Attack Infects 'Hundreds of Thousands' of Websites
United Nations, UK government sites are among the victims
1 Min Read
Websense Security Labs yesterday reported a new JavaScript injection attack that has infected "hundreds of thousands" of Websites, including a United Nations site and some UK government sites.
Web users who browse the infected sites will unknowingly load a file that automatically attempts to serve up a concoction of eight different exploits designed to gain access to their computers and install information-stealing malware, Websense says in its report.
The mass attack appears to be from the same group of individuals who launched a similar "iFrame" attack a few weeks ago, which compromised thousands of Internet domains, including U.S. news and travel sites.
"The attackers have now switched over to a new domain as their hub for hosting the malicious payload in this attack," Websense says. "We have no doubt that the two attacks are related."
In the space of just a few hours yesterday, Websense said it saw the number of compromised sites increase by a factor of ten.
— Tim Wilson, Site Editor, Dark Reading
About the Author
You May Also Like
More Insights
Webinars
Uncovering Threats to Your Mainframe & How to Keep Host Access Secure
Feb 13, 2025Securing the Remote Workforce
Feb 20, 2025Emerging Technologies and Their Impact on CISO Strategies
Feb 25, 2025How CISOs Navigate the Regulatory and Compliance Maze
Feb 26, 2025Where Does Outsourcing Make Sense for Your Organization?
Feb 27, 2025
_vska_Alamy_.jpg?width=700&auto=webp&quality=80&disable=upscale)
_Brain_light_Alamy.jpg?width=700&auto=webp&quality=80&disable=upscale)