Alert
TT Show Episode 55 - Arrow Lake, GeForce RTX 5070, and Google's Pixel smartphone tracking

Leading website compromised, turns users into "DDoS zombies"

Unknown major video website, in Alexa top 50, was hacked and compromised to turn visitors into unsuspecting "DDoS zombies"

Published
Updated
& 45 seconds read time

A major global website was recently hit by cybercriminals, with the hacked website turning visitors into "zombies" that in turn launched distributed denial of service (DDoS) attacks. A Persistent XSS vulnerability gave cybercriminals the chance to embed malicious JavaScript code, according to enterprise security company Incapsula.

Leading website compromised, turns users into DDoS zombies | TweakTown.com

Each user that views a compromised profile image with the malicious code then ends up sending a GET request to targeted websites. The group responsible also posted comments on large quantities of other videos, to ensure the profile image was viewed as many times as possible.

"As a result, each time a legitimate visitor landed on that page, his browser automatically executed the injected JavaScript, which in turn injected a hidden