GIVEAWAY: TEAMGROUP T-Force VULCAN Z SATA III SLC 2TB SSD, two up for grabs!

Leading website compromised, turns users into "DDoS zombies"

Unknown major video website, in Alexa top 50, was hacked and compromised to turn visitors into unsuspecting "DDoS zombies"

Published Apr 7, 2014 11:19 PM CDT   |   Updated Tue, Nov 3 2020 12:17 PM CST
0 minutes & 40 seconds read time

A major global website was recently hit by cybercriminals, with the hacked website turning visitors into "zombies" that in turn launched distributed denial of service (DDoS) attacks. A Persistent XSS vulnerability gave cybercriminals the chance to embed malicious JavaScript code, according to enterprise security company Incapsula.

Leading website compromised, turns users into DDoS zombies | TweakTown.com

Each user that views a compromised profile image with the malicious code then ends up sending a GET request to targeted websites. The group responsible also posted comments on large quantities of other videos, to ensure the profile image was viewed as many times as possible.

"As a result, each time a legitimate visitor landed on that page, his browser automatically executed the injected JavaScript, which in turn injected a hidden