It became known that hackers attacked the British easyJet airlines. EasyJet representatives said that the…
Also the media reported that Cyber-Espionage Group Worok Attacks Asian Governments and Companies.
At least 10,000 sites targeting an East Asian audience have been hacked and are now redirecting visitors to adult sites.
The hacked sites belong to either to small firms and or multinational corporations, all using different technology stacks and hosting, making it difficult to spot a common attack vector. One of the few “common denominators” is that most of the compromised resources are hosted in China or in another country, but are targeted at Chinese users.
Attackers inject malicious JavaScript into hacked sites, often connecting to the target web server using real FTP credentials. And how exactly the attackers get them, the experts failed to find out.
The report also notes that URLs hosting malicious JavaScript are restricted to specific geofences so that the code only runs in a number of East Asian countries.
In addition, experts have found signs that this campaign is also aimed at Android. In such cases, the redirect script takes visitors to gambling sites that call for installing a special application (APK com.tyc9n1999co.coandroid).
What kind of group is behind these attacks, and what goals it pursues, is still unclear until the end. A notable aspect of these attacks is the absence of phishing, web skimming, or malware. One theory says that the purpose of hackers is ad fraud and SEO manipulation. It’s also possible that it’s about driving non-organic traffic to specific sites.
Pectorsed.com is a site that tries to trick you into clik to its browser notifications…
News-wogago.com is a site that tries to force you into subscribing to its browser notifications…
Grimpoaltoumpa.com is a site that tries to force you into subscribing to its browser notifications…
News-cekufa.com is a site that tries to force you into clik to its browser notifications…
News-nevawo.com is a domain that tries to trick you into clik to its browser notifications…
News-vuyexu.com is a domain that tries to force you into subscribing to its browser notifications…