Security researchers have recently discovered hackers redirecting users to thousands of newly infected websites through fake web pages.
According to Websense, a security vendor, an astonishing 40,000 or more websites have recently been hacked to redirect computer users to other web pages in an attempt to infect PC's with malware.
The recent attacks were discovered to be a hacking incident where the affected sites host JavaScript code that is designed to redirect users to fake Google Analytics web pages and then to another malicious website. Google Analytics is a site that provides site usage data for website owners.
The websites that users land on from this attack have likely been hacked through an SQL injection attack or via FTP credentials that may have been stolen. The theft of FTP credentials reminds us of the Gumblar attack but researchers suspect that this incident is not related to Gumblar.
Hackers may be using automated tools to carry find and infect vulnerable websites. One of the latest campaigns similar to this one reveals that infected sites are testing to see if a particular PC has software vulnerabilities within applications such as Firefox and Internet Explorer which can be exploited to download malware.
As of now it is not certain what the attackers are doing with this infection. Could it be possible that they will gain control of the compromised systems to carry out illegal actions or configure them to send out spam messages to thousands of recipients? Is it likely that we may have stumbled upon a copy-cat group that seeks out to reproduce the same actions as Gumblar? Only time will tell unfortunately.