Author Topic: Beware the i-Frames of March!  (Read 1769 times)

0 Members and 1 Guest are viewing this topic.

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Beware the i-Frames of March!
« on: March 28, 2008, 10:10:45 PM »
Quote
The very latest high profile sites successfully injected with IFRAMES forwarding to the rogue security software and Zlob malware variants :

USAToday.com, ABCNews.com, News.com, Target.com, Packard Bell.com, Walmart.com, Rediff.com, MiamiHerald.com, Bloomingdales.com, PatentStorm.us, WebShots.com, Sears.com, Forbes.com, Ugo.com, Bartleby.com, Linkedwords.com, Circuitcity.com, Allwords.com, Blogdigger.com, Epinions.com, Buyersindex.com, Jcpenney.com, Nakido.com, Uvm.edu, hobbes.nmsu.edu, jurist.law.pitt.edu, boisestate.edu.

http://ddanchev.blogspot.com/2008/03/massive-iframe-seo-poisoning-attack.html

Via:

http://sunbeltblog.blogspot.com/2008/03/massive-iframe-continues-to-hit-top.html
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

lee16

  • Guest
Re: Beware the i-Frames of March!
« Reply #1 on: March 29, 2008, 12:17:11 PM »
Hmm i wonder how affective blocking the main IP addresses that are injected as IFRAME redirection points through a firewall/peerguardian etc  ???

--lee


Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Beware the i-Frames of March!
« Reply #2 on: March 29, 2008, 12:25:37 PM »
Don't worry too much: these guys are picking low hanging fruit with old exploits. Even the social-engineering of the fake codecs they push is 'old hat' now.
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog