Over 90,000 web pages compromised through iFrame injection
Researchers from security firm Armorize have uncovered a massive iFrame injection attack that has compromised 90,000+ Web pages belonging mostly to e-commerce sites.
The injected iFrame points to the willysy.com domain and through a series of redirections and JavaScript loadings of additional iFrames takes the user to a page one the arhyv.ru domain where a number of exploits try to take advantage of a handful of vulnerabilities in the user’s browser.
The researchers point out that an unsuccessful infection attempt results in the injected iFrame being rendered as content - rather than executed - in the title part of the website
Incoming search terms:
- hacking tutorials 2011 (28)
- hacking phpmyadmin (5)
- iframe injection tutorial (4)
- iframe hacking tutorial (3)
- iframe hacker tutorial (3)
- hacking phpmyadmin tutorial (3)
- Iframe injection-tutorial (2)
- iframe hacking tuto (2)
- iframe hacking tutorials (2)
- iframe injection for beginners (2)
- inject pages in website through iframe (1)
- iframe injection the hacker news (1)
- iframe injection hackers for beginners (1)
- iframe injection hack (1)
- hack phpmyadmin 3 (1)
- iframe hacking (1)
- how to hack phpmyadmin (1)
- hack phpmyadmin localhost (1)
- tweet button hacked iframe (1)