10,000-website Strong Malware Maze Created by Criminals

Stony Stevenson passed us an ITnews article about the newest scam in online crime. Some 10,000 web pages have been rigged by IT-minded criminals, with the aim of hijacking unsuspecting PCs. The site reports that the users are redirected through a maze of malware, all with the goal of gaining access to personal user information. "The reprogrammed web pages are probably victims of an automated attack that included scanning the internet for unsecured servers and planting a piece of JavaScript code that redirects to a site in China to serve up the malware. The malware cocktail attempts to exploit vulnerabilities in Windows, RealPlayer and other applications to break into the PC. A back door also allows the subsequent installation of additional malicious programs. McAfee Avert Labs first spotted the attack on 12 March. 'Of the 10,000 pages that were compromised a number have already been cleaned up,' the firm stated."

Re:Another oblig

[LMacG]

Or for us older folk:

You are in a maze of twisty little web pages, all alike.

We should make vbscript the standard...

[syntaxeater]

...then we wouldn't be having these problems.

It is pitch black.

[circletimessquare]

You are likely to be eaten by a script kiddie.

Save us

[DiscoLizard]

McAfee Avert Labs described the assault as "one of the largest attacks to date of this kind".

The attack serves as a reminder that even trusted websites can be malicious, McAfee warned.

"Often you hear warnings about not going to untrusted sites," said Craig Schmugar, threat researcher at McAfee Avert Labs."That is good advice, but it is not enough."

McAfee Avert Labs first spotted the attack on 12 March.

I wonder who can sell us some sort of software to guide us out of this maze of evil webpages?