Newsletter IconFacebook IconX IconThreads IconInstagram IconYouTube IconPinterest Icon
Giveaway: Win an ASRock B850 Riptide WiFi and Phantom Gaming PG-850G PSU

Leading website compromised, turns users into "DDoS zombies"

Unknown major video website, in Alexa top 50, was hacked and compromised to turn visitors into unsuspecting "DDoS zombies"

Comments
Published
Updated
45-second read time
Voice: Default
0:00 / --:--
Use left and right arrow keys to seek audio.

A major global website was recently hit by cybercriminals, with the hacked website turning visitors into "zombies" that in turn launched distributed denial of service (DDoS) attacks. A Persistent XSS vulnerability gave cybercriminals the chance to embed malicious JavaScript code, according to enterprise security company Incapsula.

Leading website compromised, turns users into DDoS zombies | TweakTown.com

Each user that views a compromised profile image with the malicious code then ends up sending a GET request to targeted websites. The group responsible also posted comments on large quantities of other videos, to ensure the profile image was viewed as many times as possible.

"As a result, each time a legitimate visitor landed on that page, his browser automatically executed the injected JavaScript, which in turn injected a hidden according to Incapsula. "Obviously one request per second is not a lot. However, when dealing with video content of 10, 20 and 30 minutes in length, and with thousands views every minute, the attack can quickly become very large and extremely dangerous."

News Source:incapsula.com

Comments

Stay Updated

Follow TweakTown for breaking tech news, reviews, and daily updates.

Add TweakTown as a preferred source on GoogleFind TweakTown on Apple News
Newsletter Subscription