More than 20,000 Web pages infected on hundreds of Web sites had been discovered by the researchers from the McAfee Inc. security company. It looks to be a coordinated effort run out of servers in China.
According to Craig Schmugar, a researcher at McAfee's Avert Labs unit, "it does seem like some automation has gone on", since these attacks appeared rapidly.
If in the past hackers used search engines to find out the weak Web sites and exploit them for malicious purposes, now they have added JavaScript code too, in order to redirect visitors' browsers to an undetectable attack coming from the China-based servers.
The Web sites of the Miami Dolphins and Dolphins Stadium just before the Super Bowl XLI had been attacked in the same way a year ago.
If your software is up to date, you shouldn’t be concerned about, because this kind of attack code takes advantage of bugs that have already been patched. Yet, McAfee advises that caution measures are necessary: some of the exploits can be obtained form doubtful programs such as ActiveX controls for online games, without being patched, because users don’t assume it is necessary.
Supposing the code is working, a password-stealing program will be installed, that will try to trace passwords for a number of online games. Among them is The Lord of the Rings Online. The passwords used on the online game are common targets because money can be obtained after stealing and selling many online gaming resources.
Security vendor Finjan Inc. reported that 20,000 Web sites have been infected, in a widespread Web attack, with malicious code that installed in the visitor’s PC data-collecting software. Because it proved to be difficult to put a stop to, this is an alluring kind of attack for hackers. Schmugar declared that "It's more subtle than spamming a malicious executable file to billions of e-mail addresses".
