Security researchers are raising an alarm for a potent malware cocktail — backdoor Trojans and password stealers — being pushed to Windows users from about 55,000 hacked Web sites.
According to Mary Landesman, a researcher in ScanSafe’s security threat alert team, the cybercriminals have embedded a malicious iFrame into tens of thousands of Websites to fire exploits at unsuspecting PC users who surf to one of the rigged sites.
The iFrame points to an intermediary exploit site which in turn loads additional exploits and malware from up to seven different malware domains, Landesman said.
Landesman ran a Google search of the iFrame script tag and found it embedded on about 54,900 sites, many of them legitimate online destinations.
Victim sites include feedzilla.com, latindiscover.com, and a number of charitable and nursing facilities, including howellcarecenter.com, sweetgrassvillagealf.com, foodsresourcebank.org, and morningsideassistedliving.com.
At the time of writing this blog post, the number of hacked sites listed in Google results climbed to 56,000.
Malware blockers built into the main Web browsers are starting to block access to the rigged sites.