Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Wordpress injection attack and “affiliate ping-pong.”

03 Feb 2010   #1

Win 7 Ultimate 64-bit. SP1.
Wordpress injection attack and “affiliate ping-pong.”

When talking about web attacks we tend to think of just defacement or malware distribution. As I shall show in this post, this is not always the case, though financial gain remains the common motive. The attack I describe below is all about driving web traffic, abusing affiliate schemes for profit. We have spoken before about affiliate abuse, back in 2007 and more recently here.

Late last week, I noticed something of a surge in reports of a particular threat: hoards of legitimate pages were being injected with a malicious JavaScript, pro-actively blocked as Mal/ObfJS-H. Thus far, the common link between the affected sites appears to be Wordpress. One user report suggests that the malicious script is being added to the header.php template script used by Wordpress.
Source -
Wordpress injection attack and “affiliate ping-pong” | SophosLabs blog
My System SpecsSystem Spec
04 Feb 2010   #2


Hope they figure out a way to hack the IRS. Haven't paid my taxes yet this year
My System SpecsSystem Spec

Thread Tools

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 03:46.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App