Beware of Compromised Halloween-themed Web Sites
Threat Type: Malicious Web Site / Malicious Code
Websense® Security Labs™ ThreatSeeker™ Network has discovered that numerous Halloween-themed Web sites have been compromised as Halloween approaches and users are more likely to visit.
The infected Web site:
The injected code:
Another example is a US-based retailer using the Halloween theme to promote its products. This Web site is infected with a redirection that points to a gpack exploit kit. The ThreatSeeker network is currently tracking over thirteen-thousand sites infected with these patterns.
The injected Web site:
Not only malware authors take advantage of seasonal events. Numerous recently registered proxy Web sites are using the Halloween theme to allow users to bypass traditional URL filtering solutions. For example:
Websense Messaging and Websense Web Security customers are protected against these threats.