Large Scale Attack on Host Servers
Last weekend the ISC (Internet Storm Center) was trying to track a large scale hack that infected site-hosting servers. By doing this they in sense turned all the hosted sites into distributors of a virus.
The ISC said that the attackers used both direct and indirect means to infect users. In some cases, a script was appended to all home pages of the sites hosted on the host servers and the script redirected visitors of those sites to a malicious site that actually infected anyone that visited it. ICS also found some proof that a DNS cache poisoning attack was part of the virus.
Staying one step ahead of anyone trying to track them. The hackers were using Dynamic DNS . The ICS said that the IP address for three different domains were all resolving to the one address (217.16.26.148).
So far, a week later, they still have no clue on who the hacker or hackers were.
The ISC said that the attackers used both direct and indirect means to infect users. In some cases, a script was appended to all home pages of the sites hosted on the host servers and the script redirected visitors of those sites to a malicious site that actually infected anyone that visited it. ICS also found some proof that a DNS cache poisoning attack was part of the virus.
Staying one step ahead of anyone trying to track them. The hackers were using Dynamic DNS . The ICS said that the IP address for three different domains were all resolving to the one address (217.16.26.148).
So far, a week later, they still have no clue on who the hacker or hackers were.
posted by Sean Mike at 3:21 PM
0 Comments:
Post a Comment
<< Home