Mass ASP.NET attack causes websites to turn on visitors
“An infection that causes poorly configured websites to silently bombard visitors with malware attacks has hit almost 614,000 webpages, Google searches show.
The mass infection, which redirects users to a site exploiting old versions of Oracle’s Java, Adobe’s Flash player and various browsers, was first disclosed by researchers from Armorize on Wednesday. At the time, it appeared to affect about 180,000 pages. By time of writing on Friday, the initial attack and a follow-on exploit has spread to 613,890 combined pages. The SQL injection attack mostly exploits websites running Microsoft’s ASP.Net web application framework.
The infection injects code into websites operated by restaurants, hospitals, and other small businesses and plants an invisible link in visitors’ browsers to sites. Those sites in turn redirected to several other websites that include highly obfuscated code. At the end of the line is a cocktail of attacks that exploit known vulnerabilities in Java and the other targeted programs. Computers running unpatched versions are then commandeered. Servers in the attack used IP addresses based in the US and Russia.”
Read the full article: Click here