Yesterday, Bellamkonda hinted that the newest attacks were conducted differently than those against WordPress blogs hosted by his company. Although the company never disclosed how the blogs were hacked, it said it had addressed what it called the “root cause” by April 11. Network Solutions had characterized the earlier attacks targeting WordPress-crafted blogs as a file permissions issue, and initially seemed to blame users’ weak passwords for the attacks. has been reported as an attack page and has been blocked based on your security preferences,” Firefox reports in its warning. Several browsers, including Microsoft’s Internet Explorer 8 (IE8), Google’s Chrome and Mozilla’s Firefox, display warnings when users are redirected to the attack site.
That server then launches multiple exploits, including an attack kit of ActiveX exploits and three more leveraging Adobe Reader vulnerabilities, against visiting PCs. The same server was involved in the earlier attacks against Network Solutions-hosted blogs.Īccording to the StopMalvertising blog, the attacks planted a rogue IFRAME on the hacked sites to shunt users to the attack server. Yesterday, Securi Security Labs said at least 50 sites hosted by Networks Solutions had been hacked, and that malicious JavaScript injected into those sites was redirecting unsuspecting users to a Ukrainian attack server.
“For now, it’s difficult to make a conclusive statement or provide more details publicly.” “At this time, we believe this is affecting a subset of our hosting customers,” said Susan Wade, the director of Network Solutions’ corporate communications. On Monday, another Network Solutions spokesperson declined to get more specific or answer questions, including what moves the company was making and how many sites had been affected. “At this time, since anything we say in public may help the perpetrators, we are unable to provide details.” “We have received reports that Network Solutions customers are seeing malicious code added to their websites and we are really sorry for this experience,” said company spokesman Shashi Bellamkonda in a Sunday blog post. A week after Web hosting company Network Solutions dealt with a large-scale infection of WordPress-driven blogs, the company acknowledged that other sites it hosts have been compromised.
0 kommentar(er)
