TweakTown
Tech content trusted by users in North America and around the world
6,076 Reviews & Articles | 39,022 News Posts
TRENDING NOW: GTA V will offer first-person mode on foot, and in vehicles on PC

Leading website compromised, turns users into "DDoS zombies"

Unknown major video website, in Alexa top 50, was hacked and compromised to turn visitors into unsuspecting "DDoS zombies"

| Hacking & Security News | Posted: Apr 8, 2014 4:19 am

A major global website was recently hit by cybercriminals, with the hacked website turning visitors into "zombies" that in turn launched distributed denial of service (DDoS) attacks. A Persistent XSS vulnerability gave cybercriminals the chance to embed malicious JavaScript code, according to enterprise security company Incapsula.

 

TweakTown image news/3/6/36867_01_leading_website_compromised_turns_users_into_ddos_zombies.jpg

 

Each user that views a compromised profile image with the malicious code then ends up sending a GET request to targeted websites. The group responsible also posted comments on large quantities of other videos, to ensure the profile image was viewed as many times as possible.

 

"As a result, each time a legitimate visitor landed on that page, his browser automatically executed the injected JavaScript, which in turn injected a hidden with the address of the DDoSer's C&C domain," according to Incapsula. "Obviously one request per second is not a lot. However, when dealing with video content of 10, 20 and 30 minutes in length, and with thousands views every minute, the attack can quickly become very large and extremely dangerous."

NEWS SOURCES:Incapsula.com

Related Tags

Further Reading: Read and find more Hacking & Security news at our Hacking & Security news index page.

Do you get our news RSS feed? Get It!

Got an opinion on this news? Post a comment below!

Latest Tech News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases