20,000 websites could be infected with JavaScript malware

Loek Essers
20 April, 2012
View more articles fromthe author

Google has warned 20,000 websites that they might be hacked and injected with JavaScript redirect malware.

“Specifically, we think that JavaScript has been injected into your site by a third party and may be used to redirect users to malicious sites,” the Google Search Quality team said. The team said files are infected with unfamiliar JavaScript and warned that site owners should search for files containing “eval(function(p,a,c,k,e,r)” in particular. The code may be placed in HTML, JavaScript or PHP files, Google said.

Websites were also warned that server configuration files could have been compromised.” As a result of this, your site may be cloaking and showing the malicious content only in certain situations,” Google said. It emphasized that it is important to remove the malware and fix the vulnerability to protect site visitors. Webmasters were also urged to keep their software up-to-date and to contact their web hosts for technical support.

It is not the first time Google has warned website owners to look for malware infections, Google spokesman Mark Jansen said. “It’s part of our ongoing mission to be transparent with webmasters and do our bit to help prevent spam,” he said. “In fact this isn’t a new phenomenon; we communicate very openly with webmasters and always have done.”

Google’s anti-malware campaigns can have a big impact. Last July Google excluded more than 11 million URLs from the “co.cc” domain, because they were regularly used by cybercriminals to spread antivirus programs and conduct drive-by attacks. Google explained in at the time that some bulk providers could host more than 50,000 malware domains and that it could flag whole bulk domains in severe cases.

While unconnected, the Flashback Trojan has been exploiting CVE-2012-0507, which is a Java vulnerability.


Leave a Comment

Please keep your comments friendly on the topic.

Contact us