Recently, we’ve started to see the BlackHole Exploit Kit (BHEK) using plain HTML files (instead of iframes) as redirectors to the exploit page.The content of the HTML file will usually be a page displaying a “loading” or “please wait” or “connecting to server” type of message, with background JavaScript which will redirect the victim to […]
The Websense® ThreatSeeker® Network discovered on June 27, 2012, that one of the most popular travel websites in India, cleartrip.com, was compromised and served malicious code. The website was informed of this breach and no longer serves malicious code. In this blog, we'd like to share our insights about this attack and focus on the tactics that we […]
During the last couple of days I have together with Yury Namestnikov been investigating the extremely high numbers of infected websites. It all started when I was going through local statistics for Sweden and saw an increase of a certain JavaScript redirector, and also new detections on new variants for Java, PDF and Flash exploits. […]
Latest Comments