(WEB HOST INDUSTRY REVIEW) — A series of online attacks labeled “Beladen” has spread rapidly, infecting malicious JavaScript code on some 40,000 websites, according to warning by Internet security firm Websense (www.websense.com).
Once the code – which is hidden through complex obfuscation techniques – is installed on the victim’s computer, it attempts to execute a handful of exploits from a third-party server.
Websense says these attacks differ from other recent attacks, such as Gumblar and Martuz.
The researchers have not been able to find a common point of entry with the Beladen attacks, leading them to believe that compromised FTP passwords could be responsible for the attacks as in the case with the Gumblar attacks.
Beladen, which is German for “loaded”, is named after the domain, beladen.net, from where the exploits originate.
Those individuals visiting the infected websites, which seem to be mostly small companies or government institutions, will be bombarded with exploits for vulnerabilities in various software installed on their computer,
Since many computer users do not keep their software up to date, this kind of attack can be extremely dangerous.
The injected JavaScript code also collects statistics from unsuspecting visitors, including the name of the infected website, and the date and time of the visit.
It then forwards this information to a script on google-analyt1cs.net, which has previously been linked to the cybercriminal organization group, Russian Business Network.
A recent study revealed that the past few months has seen a rise in large distributed denial of service attacks which threaten to send entire countries offline.
No related posts.
