Login

Please login to Techworld.com

Forgot password?
Need your new account confirmation email resent?
Forgot email?

Not a member yet?

Register for a Techworld Account and enjoy unlimited access to our extensive white paper library and exclusive Enterprise multi-user software trials. Account members can also comment on articles and access best practices guides.

Security

Top How-Tos / Advice articles

Hackers infect thousands of websites

Password-stealing alert.

By Robert McMillan IDG News Service | Published: 05:45, 13 March 2008

Hackers have attacked more than 10,000 web pages in an attempt to steal passwords used in online games.

McAfee researchers first noticed the attack, which appears to come from China, yesterday morning. Within hours, the security company had tracked more than 10,000 web pages.

McAfee isn't sure how so many sites have been hacked, but "given how quickly some of these attacks have come on, it does seem like some automation has gone on," said Craig Schmugar, a researcher with McAfee's Avert Labs. In the past, attackers have used search engines to scour the Internet for vulnerable websites and then written automated tools to flood them with attacks, which ultimately let criminals use legitimate sites to serve up their malicious code.

The infected sites look no different than before, but the attackers have added a small bit of JavaScript code that redirects visitors' browsers to an invisible attack launched from the China-based servers. This same technique was used a year ago, when attackers infected the websites of the Miami Dolphins and Dolphins Stadium just prior to the 2007 Super Bowl football game.

The attack code takes advantage of bugs that have already been patched, so users whose software is up-to-date are not at risk. However, McAfee warns that some of the exploits are for obscure programs such as ActiveX controls for online games, which users may not think to patch.

If the code is successful, it then installs a password-stealing program on the victim's computer that looks for passwords for a number of online games, including the Lord of the Rings Online.

These online game passwords are a popular hacker target, in part because many online gaming resources can be stolen and then sold for cash.

Widespread web attacks such as this are becoming more common too.

In January, security vendor Finjan reported a widespread hacking effort that infected 10,000 websites with malicious code that attacked visitors and then installed data-collecting software on their machines.

This type of attack is attractive to criminals, in part because it can be hard to thwart. "It's more subtle than spamming a malicious executable file to billions of email addresses," Schmugar said. "You allow the people to go to the sites that they normally go to and pull off a low-scale attack that flies under the radar."

Send to a friend

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.