Shangdu Web site in China: Mass Injection

Date:01.06.2009

Threat Type: Malicious Web Site / Malicious Code

Websense® Security Labs™ ThreatSeeker™ Network has discovered that a large regional-based portal site named Shangdu in China is infected with a mass JavaScript injection that delivers a malicious payload. The reported page on the site has been mass-injected, attempting to deliver malicious payloads from 16 different hosts.

Websense ThreatSeeker Network has been tracking how such attacks prevail over high traffic Web sites, targeting their peers and other visitors.

Screenshot of infected site:

Screenshot showing infected site source, and the malicious payloads:

Websense Messaging and Websense Web Security customers are protected against this attack.

•  Subscribe to this feed »