Home > All, Vendor News > Song lyrics can be so compromising!

Song lyrics can be so compromising!

September 17, 2010 Leave a comment Go to comments

Be careful out there. Just as Qualys releases its latest report discussing the changing face of today’s threats (and I’ll be discussing that with Wolfgang Kandek in the next post), Websense discovers a perfect example: bad guys are compromising good sites. The Websense Security Labs ThreatSeeker Network has found that Songlyrics.com  (which gets about approximately 200,000 daily page views) got compromised with obfuscated malicious code.

Once a user accesses the main page of the song lyrics site, malicious code is injected which leads the user to an exploit site loaded with the Crimepack exploit kit. Only 39.5% of antivirus engines currently recognise this exploit. Any computer exposed and infected just becomes another zombie-bot in the wild; and there’s hardly anything the user can do to prevent this from occurring.

Carl Leonard

Carl Leonard, Senior Manager, Websense Security Labs

We are seeing the bad guys more frequently compromise popular sites in an effort to infect and exploit the most users, as in this most recent case with songlyrics.com, a site that gets millions of unique visitors. It is unfortunate that in this case, Google Instant results are also helping to steer unaware users to this malicious content. Without real-time content analysis, all users are at risk.
Carl Leonard, Senior Manager, Websense Security Labs

More details from Websense

Categories: All, Vendor News
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s