CYREN Blog

 

Compromised Websites unknowingly host malware

by CYREN Security Blog

The email shown below is a current example of “payment rejected” emails that have circulated in large numbers in the past 3 weeks.  The links in the email lead to malware similar to that described a previous post.

In the example above the malicious JavaScript files were hidden within the folders of a legitimate site: http://www.dalgiocabondo.com/.  In this case the offending files have been quickly removed.

The numerous examples of similar misuse of legitimate sites have promoted Commtouch to team with StopBadware to investigate this phenomenon more deeply.  As a first step we are conducting a survey of website owners who have had (or are currently having) their sites hacked and misused.  The survey aims to answer questions such as:

  • How did the compromise happen?
  • What did the cybercrimnals do with your stolen site?
  • How were you made aware of the hack?
  • What did you do to fix the problem?

The survey is available in the preceding blog post

About StopBadware

StopBadware focuses on giving website owners, web hosting providers, end users, and URL blacklist operators the tools they need to fulfill their respective responsibilities in making the Internet safer.  From the StopBadware website:

Together with our partners we:

Learn more about what we do or how to get involved.

 

Comments


Add a comment