Legitimate sites hit with malicious JavaScript
At ZDNet, Ryan Naraine reports that over 20,000 legitimate Web sites have been found to have had malicious JavaScript inserted:
Hackers have broken into more than 20,000 legitimate Web sites to plant malicious code to be used in drive-by malware attacks.
According to a warning from Websense Security Labs, the sites have been discovered to be injected with malicious JavaScript, obfuscated code that leads to an active exploit site.
Surfing with JavaScript turned off is a big nuisance but I have been recommending this defensive tactic for a long time. Yes, it’s a pain to have to re-enable JavaScript on the large number of sites that use it but the hackers are making the Internet less and less convenient for us all. The growing problem is that so many legitimate sites are getting infected. Be sure that your browser will always ask before downloading anything. And when in doubt, refuse downloads. I almost never allow downloads, no matter what the site may be.
Did you enjoy this post? Why not leave a comment below and continue the conversation, or subscribe to my feed and get articles like this delivered automatically to your feed reader.
Comments
No comments yet.
Sorry, the comment form is closed at this time.