Further to my earlier post. Just got this from Symantec website regarding the web attack.
Severity: High - This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
Description: This signature detects a mass injection attack which may redirect to a malicious website that can compromise the target computer.
Additional Information: Web sites have been hit by a mass-compromise attack that injects malware into pages and redirects victims to a site that will then try to download Trojans and keylogger code.
If a user visits one of the infected sites, they are redirected through a series of different sites owned by the attacker and brought to the final landing page containing the exploit code . The final landing page records the visitor's IP address. When visited for the first time, the user is directed to the exploit payload site. But when visited again from the same IP address, the user is directed to the benign site of ask.com.
Guess I won't be going back to their website again in a hurry.
|
|