Alerts
BOOKMARK THIS ALERT
digg
|
del.icio.us
|
reddit
newsvine
|
furl
|
technorati
China Business Network Rail Site Infected with Mass Script Injection
Date:10.14.2008
Threat Type: Malicious Web Site / Malicious Code
Websense® Security Labs™ ThreatSeeker™ Network discovered today that the China Business Network Rail Web site has been infected with the mass attack JavaScript injection to deliver a malicious payload. The reporting page on the site contains partially obfuscated malicious JavaScript code that, through numerous redirects, loads numerous exploit code. Applications targetted include a GLWorld ActiveX Control, Real Player, a UUSE P2P streaming application, and Xulnei Thunder DapPlayer. Websense Real-Time Security analytics pro-actively protect Websense customers from this attack.
Websense ThreatSeeker has been tracking how such attacks prevail over reputed Business-to-Business (B2B) and Business-to-Clients (B2C) Web sites to target their peers and other visitors.
Screenshot of infected site:
Screenshot of Websense ThreatSeeker Technology showing infected site source and the malicious payloads:
Websense Web Security customers are protected against this attack.