Up to 10,000 websites hacked into, unpatched visitors in danger, says Kaspersky

Hackers have launched a widespread website attack, leaving malicious links on up to 10,000 web servers, says security software firm Kaspersky Lab.

Hackers have launched a widespread website attack, leaving malicious links on up to 10,000 web servers, says security software firm Kaspersky Lab.

Kaspersky says the servers hacked into are mainly located in Western Europe and the US. It is not clear at this stage who has hacked the machines, but the expectation is that the number of infected sites will rise.

The cyber criminals are adding a line of Javascript code onto the sites that redirects hacked site visitors to one of six servers.

These sites then redirect the visitor to a server in China. That server can then launch a variety of attacks, targeting known flaws in the Firefox and Internet Explorer browsers, Adobe's Flash Player and ActiveX management controls, said Kaspersky.

Those victims who have not got fully patched PCs run the risk of allowing the remote attackers to install spyware on their machines, allowing then to steal their data. This could be used to carry out financial fraud.

Similar attacks earlier this year infected 1.5 million web pages, including a large number of web pages run on Italian government servers.

Read more on Hackers and cybercrime prevention

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close