1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Mass Injection Website 59

Web Attack: Mass Injection Website 59

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects hidden scripts injected in compromised websites, which upon visiting redirects the user to malicious websites.

Additional Information

This is a detection for compromised websites with the injected script code. This is an attack where a malicious javascript is injected in large number of clean websites. Once compromised, it aims to use the websites to redirect its visitors to malicious websites without visitors being aware of it. The malicious javascript can also perform other unwanted activities like stealing payment information from payment pages on ecommerce websites. This is known as Formjacking, which is described here- https://www.symantec.com/blogs/threat-intelligence/formjacking-attacks-retailers

Affected

  • Various compromised sites
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube