On June 26, we observed an exploit kit attack on the Segway website. Symantec has notified Segway about the attack and Segway has since taken steps to ensure their website is no longer compromised. This blog will look at the details of an attack using the Redkit exploit kit.
Code is injected into a jQuery script.
Figure 1. jQuery script with code injection
Figure 2. Malicious code in jquery.min.js