Wordpress injection attack and “affiliate ping-pong.”

JMH

JMH

Banned
Local time
2:23 AM
Messages
6,448
Wordpress injection attack and “affiliate ping-pong.”

When talking about web attacks we tend to think of just defacement or malware distribution. As I shall show in this post, this is not always the case, though financial gain remains the common motive. The attack I describe below is all about driving web traffic, abusing affiliate schemes for profit. We have spoken before about affiliate abuse, back in 2007 and more recently here.

Late last week, I noticed something of a surge in reports of a particular threat: hoards of legitimate pages were being injected with a malicious JavaScript, pro-actively blocked as Mal/ObfJS-H. Thus far, the common link between the affected sites appears to be Wordpress. One user report suggests that the malicious script is being added to the header.php template script used by Wordpress.
Click to expand...
Source -
Wordpress injection attack and “affiliate ping-pong” | SophosLabs blog
 

My Computer My Computer

At a glance

Win 7 Ultimate 64-bit. SP1.Intel i7 -720QM.[1.6GHz Turbo Boost 2.8GHz. 6...8 DDR 3 RAM. 1066MHZATI 1024 MB. DDR3. Radeon HD5650
Computer Manufacturer/Model Number
LAPTOP. HP Pavilion dv7-4010TX .
OS
Win 7 Ultimate 64-bit. SP1.
CPU
Intel i7 -720QM.[1.6GHz Turbo Boost 2.8GHz. 6MB Cache.]
Memory
8 DDR 3 RAM. 1066MHZ
Graphics Card(s)
ATI 1024 MB. DDR3. Radeon HD5650
Monitor(s) Displays
17.3" High Definition Brightview LCD. LED Backlit.
Screen Resolution
1600 x 900.
Hard Drives
640GB
Case
Laptop / notebook.
Mouse
Logitech Anywhere mouse. MX.
Internet Speed
ADSL [ but too slow ]
You must log in or register to reply here.
Back
Top