Yep, you are reading that headline right. Yet another code injection attack that is new. Just prior to writing this post, it showed 855,000 pages infected with some malicious (BAD!!) code that was injected into legitimate sites. NoScript is one defense, since this code is hosted on another domain.
The attack that I wrote about that started last week just hasn’t really taken off. Doing a Google search shows 25,500 pages that were affected by this one. It is early in the game for both of these attacks so more details will come out later. I’ll do more checking on the current attacks to see where those bad sites are being hosted.
The two sites in this new attack are listed below. I’ve altered the URL. My advice is NOT to go to either of these sites.
hxxp://free.hostpinoy.info/f.js
hxxp://xprmn4u.info/f.js
Stay safe and HAPPY MOTHER’S DAY!!!
