Articles about drive-by download

PHP.net resets passwords after malware-flinging HACK FLAP

The team behind popular web programing site PHP.net is in the process of restoring services and tightening security in the aftermath of a hack that exposed visitors to JavaScript-based exploits. Malicious JavaScript code was served to a small percentage of php.net users between 22 and 24 October after two php.net servers were …
John Leyden, 25 Oct 2013
The Register breaking news

Internet Explorer bug patched only a week ago now being exploited

Hackers have latched onto a vulnerability in Internet Explorer patched by Microsoft last week as a useful way to spread malware. The vulnerability is CVE-2012-1875 – which was patched in MS12-037 as part of the June edition of Microsoft's Patch Tuesday – and it is being exploited in the wild. Attacks are typically delivered by …
John Leyden, 19 Jun 2012
The Register breaking news

Amnesty International UK site flung Gh0st RAT at surfers after hack

Amnesty International UK's website was hacked early this week in an assault ultimately geared towards planting malware onto the PCs of visiting surfers. Malicious Java code was planted on the site in a bid to push the Gh0st RAT Trojan onto vulnerable Windows machines. If successful, the attack plants malware onto machines that …
John Leyden, 11 May 2012
The Register breaking news

Sneaky Trojan exploits e-commerce flaws

More details have emerged of an e-commerce software flaw linked to the theft of credit card information from numerous websites. A security flaw in osCommerce, an open source e-commerce package, created a means for criminals to compromise 90,000 web pages with redirection scripts that ultimately directed surfers towards a site …
John Leyden, 1 Aug 2011
The Register breaking news

Creditsafe suspends website in wake of drive-by download attack

UK credit reference and credit recovery agency creditsafe.co.uk took its site offline on Tuesday, as a precaution, following a hacking attack. The site remains offline at the time of writing on Wednesday afternoon. Miscreants planted malicious code on Creditsafe Limited's1 website. This code had the effect of redirecting …
John Leyden, 15 Jun 2011
The Register breaking news

Freebie Blackhole exploit kit appears on file-sharing websites

A free version of the Blackhole exploit kit has appeared online in a development that radically reduces the entry-level costs of getting into cybercrime. The Blackhole exploit kit, which up until now would cost around $1,500 for an annual licence, creates a handy way to plant malicious scripts on compromised websites. Surfers …
John Leyden, 24 May 2011
The Register breaking news

Flash cache exploit debuts in Amnesty attack

Miscreants have deployed a subtle variant of the well established drive-by-download attack tactics against the website of human rights organisation Amnesty International. In traditional drive-by-download attacks malicious code is planted on websites. This code redirects surfers to an exploit site, which relies on browser …
John Leyden, 19 Apr 2011
The Register breaking news

Pirate Bay beset by tainted ads

A hack on ad servers used by the Pirate Bay is exposing visiting surfers to malware. Site vulnerabilities in the ad delivery systems used by the torrent tracking site were exploited to plant malicious scripts, causing sections of the site to be blacklisted and blocked by Google (see here) and various security utilities. …
John Leyden, 14 Sep 2010
The Register breaking news

Google slaps malware warning on Radio 3 website

Updated Google is warning surfers visiting BBC Radio 3's website that the classical music domain is a security risk. The malware threat appears to have been purged by Thursday afternoon but Google warning will not be removed until it has had a chance to re-scan the site and verify that it is clean. The bbc.co.uk/radio3 site was …
John Leyden, 9 Sep 2010
The Register breaking news

Hackers plant malware on Jerusalem Post website

Hackers compromised the website of the Jerusalem Post on Monday so that it served up malware. The attack relied on planting scripts on the site itself, rather than the more common tactic of compromising its ad-serving system to serve tainted ads. The attack ultimately attempted to dump Windows-based malware on the Windows PCs …
John Leyden, 8 Jun 2010
globalisation

Qualys crawls into the malware scanning biz

Qualys is inviting sys admins to sign up to a new free service, QualysGuard Malware Detection, which provides alerts about drive-by-download attacks and malicious scripts on monitored websites. The service is based on behaviour analysis and offers automated alerts when it finds websites with rogue JavaScript, character …
John Leyden, 2 Mar 2010
The Register breaking news

Michigan airport grounds website over malware risk

An airport in Michigan reportedly took down its website late on Monday in response to a computer virus risk. The Gerald R. Ford International Airport in Grand Rapids temporarily pulled its site in response to an unspecified malware threat, local channel Wood TV reports. The site was restored by late Tuesday morning. During the …
John Leyden, 13 Oct 2009
The Register breaking news

Facebook app flaws create Trojan download risk

Grey-hat hacker Unu has discovered cross-site scripting vulnerabilities involving Facebook applications, of a type that might be used to distribute Trojan horse malware or launch other hacking attacks. The Romanian hacker - well known for identifying security flaws in the websites of banks, security firms and the UK parliament …
John Leyden, 21 Sep 2009
The Register breaking news

Nine-ball attack splits security researchers

Security researchers are split over the seriousness of a web attack dubbed "Nine-ball" which broke onto the internet last week. Websense last week reported a web attack dubbed "Nine-ball", a moniker derived from the name of ninetorag.in, one of the malware hosts associated with the assault, had claimed 40,000 website victims …
John Leyden, 23 Jun 2009
The Register breaking news

UK Communist website abused by Chinese hackers

Updated The website of the Communist Party Of Britain has been infected with malicious code. Infection by the iFrame-F script coincided with local and European election in the UK, marking a time when the minority party website would have had far more visitors than normal. The affected file on the website is associated with serving up …
John Leyden, 5 Jun 2009
The Register breaking news

Digital Spy struggles to pin down tainted ad infection

Updated UK celebrity gossip website Digital Spy has apologised after serving up banner ads laced with malware earlier this week. Digital Spy site specialises in news about celebs and reality TV programmes, in particular Big Brother, in great (perhaps unhealthy) detail. Whatever you might make of that it's a winning formula that has …
John Leyden, 2 Jun 2009
The Register breaking news

New script outstrips all other drive-by download risks

A newly-created malicious script has become the source of almost half the drive-by download attacks tracked by one security firm. JSRedir-R accounts for around 43 per cent of all malicious infections found on websites over the last week, according to a study by net security firm Sophos, published on Thursday. The malware crops …
John Leyden, 15 May 2009
The Register breaking news

Gov systems found on 1.9m zombie botnet

Government and corporate Windows PCs were among the ranks of a 1.9 million botnet recently discovered by net security firm Finjan. Finjan security researchers discovered the control server of the botnet after tracing back an infection from a corporate client. Evidence on the cybercrime server, which was hosted in the Ukraine, …
John Leyden, 22 Apr 2009

Create a news alert about drive-by download, or find more stories about drive-by download.

Biting the hand that feeds IT © 1998–2017