New script outstrips all other drive-by download risks
Major malicious domo
Posted in Security, 15th May 2009 13:03 GMT
Free whitepaper – Hands on with Hyper-V 3.0 and virtual machine movement
A newly-created malicious script has become the source of almost half the drive-by download attacks tracked by one security firm.
JSRedir-R accounts for around 43 per cent of all malicious infections found on websites over the last week, according to a study by net security firm Sophos, published on Thursday. The malware crops up with almost six times the frequency of its nearest rival, iFrame-F (which is recorded in seven per cent of attacks).
The JSRedir-R script is typically found on legitimate websites, hidden behind obfuscated JavaScript, and used to exploit browser vulnerabilities to download malware onto the Windows PCs of visiting surfers via third-party websites under the control of hackers. The malicious script has also cropped up on the 2 Girls 1 Cup scat video viral website.
A chart from Sophos on the relative frequency of different web-based attacks can be found here. More pointers on how the JSRedir-R attack works, and how webmasters might guard against it, can be found here. ®
Free whitepaper – Hands on with Hyper-V 3.0 and virtual machine movement
Send corrections
IT infrastructure monitoring strategies
The new Office Garage series:
Data control in the cloud
Top 10 SIEM implementer’s checklist
