Thousands of web sites compromised, redirect to scareware

The compromised sites are using legitimately looking templates using automatically generated bogus content, with a tiny css.js (Trojan-Downloader.JS.FraudLoad) uploaded on each of them which triggers the scareware campaign only if the visitor is coming a search engine listed as known http referrer by the gang - in this case Google, Yahoo, Live, Altavista, and Baidu :

Comments

SHARE THIS ARTICLE WITH YOUR SOCIAL MEDIA