Tue, Jun 16 2009 16:13
Don
Mass Injection - Nine-Ball
Websense Security Labs™ ThreatSeeker™ Network has detected another large mass injection attack in the wild after the Beladen and Gumblar
attacks. We are calling this mass compromise Nine-Ball because of the
final landing site. We have been tracking the Nine-Ball mass compromise
since 6/03/2009. To date, over 40,000 legitimate Web sites have been
compromised with obfuscated code that leads to a multi-level
redirection attack, ending in a series of drive-by exploits that if
successful install a trojan downloader on the user's machine.
Alert Details
Filed under: Alerts