Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Compromised Site Causes Trouble
Malicious Java Script makes user's browser download, execute Trojan
1 Min Read
FORT LAUDERDALE, Fla. -- BitDefenderR Labs issued a warning today that an attacker has added an instruction to download an executable to a bit of previously innocuous Java Script which handles font resizing - one which exists in every public-facing page of the TCSDaily news website.
The number of systems exposed to the attack suddenly spiked when a post linking to an article hosted on the compromised TCSDaily website appeared on the social news aggregator site Reddit.
The malicious Java Script makes the user's browser download and execute a Trojan - detected by BitDefender as Trojan.Downloader.Small.BIB - which is hosted on a Chinese website, which is probably also compromised.
"It's a pretty simple piece of malware, but it's obfuscated, so most antivirus programs could not detect it," said Marius Tivadar, BitDefender antivirus researcher. "A drive-by download is like that - one often gets infected at first with something that is nearly innocuous and really stealthy, the kind of thing antivirus software is most likely to just ignore, but once your system is infected, all bets are off."
Read more about:
2007About the Author
You May Also Like
More Insights
