Department of Homeland Security website hacked!

The sophisticated mass infection that’s injecting attack code into hundreds of thousands of reputable web pages is growing and even infiltrated the website of the Department of Homeland Security.

While so-called SQL injections are nothing new, this latest attack, which we we reported earlier, is notable for its ability to infect huge numbers of pages using only a single string of text. At time of writing, Google searches here, here and here showed almost 520,000 pages containing the infection string, though the exact number changes almost constantly. As the screenshot below shows, even the DHS, which is responsible for protecting US infrastructure against cyber attacks, wasn’t immune. Other hacked sites include those belonging to the United Nations and the UK Civil Service.

document.write(‚\x3Cscript src=“http://ad.uk.doubleclick.net/adj/reg.public_sector.4159/government;cta=’+cta+‘;ctb=’+ctb+‘;ctc=’+ctc+‘;sc=’+sc+‘;cid=’+cid+‘;’+RegExCats+GetVCs()+’pid=’+RegId+RegDT+‘;’+RegKW+’maid=’+maid+‘;test=’+test+‘;pf=’+RegPF+‘;dcove=d;sz=336×280;tile=3;ord=‘ + rand + ‚?“ type=“text/javascript“>\x3C\/script>‘);

Screenshot of Google search showing DHS website

weiterlesen

Advertisements
Explore posts in the same categories: Hacker, News, Nicht kategorisiert, Security

Schlagwörter:

You can comment below, or link to this permanent URL from your own site.

Kommentar verfassen

Trage deine Daten unten ein oder klicke ein Icon um dich einzuloggen:

WordPress.com-Logo

Du kommentierst mit Deinem WordPress.com-Konto. Abmelden / Ändern )

Twitter-Bild

Du kommentierst mit Deinem Twitter-Konto. Abmelden / Ändern )

Facebook-Foto

Du kommentierst mit Deinem Facebook-Konto. Abmelden / Ändern )

Google+ Foto

Du kommentierst mit Deinem Google+-Konto. Abmelden / Ändern )

Verbinde mit %s


%d Bloggern gefällt das: