Tuesday, May 19, 2009

JSRedir-R is the latest Web-based malware attacks

JSRedir-R is the latest Web-based malware attacks that infect the Internet, six times more Web pages than other malware, says Sophos. The security firm found that in the last week, nearly half of all infections were Troj / JSRedir-R. Third-party sites that host malware, infects the PC when users navigate to them. The malware will steal sensitive personal data.

Forecast: Cisco announces the acquisition of Skype?, "Nobody should be in any doubt that the Web is still the main instrument for the attack for cyber criminals, and suggests that this new threat this situation will not change anytime," said Graham Cluley, senior technology consultant at Sophos.

"The problem is that too many computer users still think that there is no danger to surf the Internet, but with legitimate websites are often the victims of such attacks, it is time to wake up. Hacking is no longer on the Web, how to be a successful way for them to spread their infections. To combat this, it is essential to the website for all malicious code before the visit. "

How You’re Probably Getting Infected by JSRedir-R ?.JSRedir-R is responsible for more than 40% of all malicious drive-by downloads / uses. This script is located on a lot of legititmate websites after they have been comprimised (of course). JSRedir-R directs you to a malicious download, once you access to the infected site.

Your best defense against JSRedir-R is:

* Always install Windows updates (always reboot to the right).
* A good antivirus program with script detection capabilities (Avira Free 9).
* Surfing the Internet with a "sandbox" (Sandboxie. .. 32bit only).

Here are some excellent reading on JSRedir-R and how they get all the steps:
1) http://www.theregister.co.uk/2009/05/15/script_menace/
2) http://blog.unmaskparasites.com/2009/05/07/gumblar-cn-exploit-12-facts-about-this-injected-script/


Blog Widget by LinkWithin

Label Cloud