Hackers hijack a half-million sites in latest attack
They're exploiting phpBB open-source forum software, says researcher
Gregg Keizer (Computerworld) 13/05/2008 08:32:20

More than half a million Web sites have been compromised in a new round of attacks that hacked domains in order to infect unsuspecting users' PCs with a variety of malware, a security researcher said today.

"This is an on-going campaign, with new domains [hosting the malware] popping up even this morning," said Paul Ferguson, a network architect with anti-virus vendor Trend Micro. "The domains are changing constantly."

According to Ferguson, over half a million legitimate Web sites have been hacked by today's mass-scale attack, only the latest in a string that goes back to at least January. All of the sites, he confirmed, are running "phpBB," an open-source message forum manager.

Ferguson didn't know how the sites were compromised; Trend Micro's investigation is in progress, he said. "We're not sure if it's [because of] improper configuration of phpBB or a vulnerability. Open-source applications like phpBB tend to be targeted quite a bit."

Visitors to a hacked site are redirected through a series of servers, some clearly compromised themselves, until the last in the chain is reached; that server then pings the PC for any one of several vulnerabilities, including bugs in both Microsoft's Internet Explorer and RealNetworks' RealPlayer media player. If any of the vulnerabilities is present, the PC is exploited and malware is downloaded to it.

Some of the compromised sites have been hijacked before, said Ferguson. "Some had recently been used for keyword search ranking manipulation, and others to pitch fake pharmaceuticals or just malware," he said.

While other research by Trend Micro identified the malware hitting users' PCs as a variant of the Zlob Trojan horse, Ferguson said that more than just one piece of malware is being served. "We're seeing some new stuff coming out of this one," he said.

The last massive site attack was less than three weeks ago, when sites that included government URLs in the UK and some domains operated by the United Nations were hacked. At the time, some researchers said that bugs in Microsoft's SQL Server or Internet Information Services (IIS) server software were to blame. A few days later, however, Microsoft denied responsibility.

Don't expect the run of site infections to stop anytime soon, said Trend Micro's Ferguson. "As long as attacks are tied to site development and as long as sites don't secure their content, we'll see these attacks," he said.
