Major Sites Hit With Iframe Injection Attacks

Security researcher Dancho Danchev cited numerous examples of high profile websites hit by attackers, believed to be part of the infamous Russian Business Network.

Wal-Mart, Target, USA Today, and several university websites displayed an awful truth in search results observed by Danchev. They and many others received unwanted search optimization via the injection of iframes through code added to search queries into their sites.

The attacks started two weeka ago, and have evolved into what Danchev wryly called "what looks like a large scale web application vulnerabilities audit of high profile sites." He believes over a million search queries have been poisoned, due to insufficient security on the web applications affected by them.

When people do a site search on the affected domains, these infected sites redirect visitors via the iframes to bogus security software or variants of the notorious InfoWorld noted how these results sometimes get submitted by the sites back to Google, where other searchers will find the malicious pages.