The Latest in IT Security

Web Directories site compromised, leads to Incognito Exploit Kit

05
Sep
2011

WebsenseR ThreatSeekerR Network has detected that the Web Directories site (http://www.web-directories.ws) was compromised on 4th September, 2011. This lead users to the Incognito exploit kit.

UPDATE: This site was quickly fixed and the malicious codes have been removed.

Web Directories is a site designed to help Webmasters and site owners find relevant directories. They intend to offer one of the largest Web directories listing on the Internet. This site has heavy global Alexa traffic, especially from Asia. It is estimated that over 60% of visitors to this site are from India, which has an Alexa traffic ranking of 885.

The Web Directories homepage:

This site had the following malicious codes inserted:

The link hxxp://dire-straits.co.uk/stat.php redirects you to another malicious site hxxp://hertscycle.cu.cc/showthread.php?t=67640185 that contains the exploit codes.

From our analysis this code belongs to a notorious exploit kit – Incognito exploit kit. When redirected, a Trojan is silently downloaded to unsuspected clients, and infects them in the process.

 We also detected many other Web sites injected with similar codes:

Websense customers are protected from Web-based threats by ACE, our Advanced Classification Engine.

Leave a reply


Categories

SATURDAY, SEPTEMBER 21, 2019
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments

Social Networks