News Stay informed about the latest enterprise technology news and product updates.

Researcher: IFrame redirect attacks escalate

It’s been a couple of weeks since security researcher Dancho Danchev raised the red flag about IFrame redirects attackers have been using to corrupt hundreds of thousands of websites, and how the likely culprit is the infamous hacking group known as the Russian Business Network (RBN).

Overnight, Danchev emailed me with an update, and it doesn’t look good. Based on his ongoing investigation, the attacks seem to be continuing unabated.

The latest high-profile sites getting targeted includes,,,,,,,,,,,,,,,,,,,,,,,,,,

This on top of those he listed two weeks ago:

NCSU Libraries – – 372,000 pages – – 13,000 pages
Central Statistics Office Ireland – – 10,300 pages
DBLife Frontpage – – 1,130 pages
School of Mathematics and Statistics – – 1040 pages
eHawaii Portal – – 992 pages
The World Clock – – 944 pages
Boise State University – – 471 pages
The U.S. Administration on Aging (AoA) – – 425 pages
Gustavus Adolphus College – – 312 pages
Internet Archive – – 261 pages
Stanford Business School Alumni Association – – 157 pages
BushTorrent – – 147 pages
ChildCareExchange – – 131 pages
The University of Vermont – – 120 pages
Hippodrome State Theatre – Gainesville, FL – – 112 pages
Minnesota State University Mankato – – 94 pages
The California Majority Report – – 16 pages – – 12 pages
USAMRIID – – 3 pages

“After another week of monitoring the campaign and the type of latest malware and sites targeted, the campaign is still up and running, poisoning what looks like over a million search queries with loadable IFrames, whose loading state entirely relies on the site’s Web application security practices – or the lack of,” Danchev wrote in his blog. “

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.