New attack means tampering with millions of pages

Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest stationmaster buy cloud host technology Hall

A cyber attack reported earlier this month by security researcher Dan Tzantchev Dan Dancho Danchev has now spread to the 100多万个 Web page, including some well-known websites, the March 29 news.

According to foreign media reports, Danchev said in a blog in Friday: "The impact of the attack on the Web site and the affected sites have seen a rise in visibility." According to him, the well-known sites under attack include USATODAY.com, Target.com and Walmart.com.

At present, the manufacturer of the network attack has not compromised the server, but he uses the Web programming error to embed the malicious code into the search results of the search engine inside the relevant website.

The attack path implemented by an attacker is as follows: An attacker uses an internal search engine to search for a popular keyword, such as "Hilton", but binds an HTML directive to the search results. In this way, when an injured user opens the "problem" search results above, its browser opens an inline frame (IFRAME) window in the background that the victim cannot find, and directs the access path to a malicious Web site. Access to the malicious Web site will be installed on the victim's computer some false anti-spyware or Zlob Trojan software.

To improve rankings in Google's search results, some sites typically save search results and submit them to Google's search engine. And when users use Google keyword search, the above cached search results have been automatically ejected, some of the search results have been bound malicious code.

"When a malicious attacker binds malicious code to the search results of an internal search engine inside the site, the results are added to Google's search engine, and the results link may even enter the top 10 search rankings of Google, so that all users who click on the relevant search results are likely to recruit." Danchev said in an interview.

He said he believed that more than 1 million web pages had been bundled with malicious code by the attackers.

"The more keywords the attacker submits with malicious scripting, the more pages that contain the keywords, and the more the search rankings for the relevant sites." "Danchev said. This means that users are likely to open a malicious Web page when they click on a search result hosted on a well-known web site.

Danchev believes that the site to increase the search engine in-site monitoring, the results of the inclusion of malicious code in advance filter, which can greatly reduce the impact of such attacks.

A growing number of malicious hackers are trying to install malicious code into reputable Web sites, and security companies are monitoring that hundreds of thousands of pages have been tampered with in recent weeks by similar attacks.