jQuery site popped to serve malware slop The jQuery site served credential-stealing malware to scores of users who visited the website on September 18, researcher James Pleger says. The super-popular JavaScript library was used by 30 percent of websites including 70 percent of the 10,000 most popular sites which may have been compromised by the RIG exploit kit. …
El Reg:
jQuery security bods found no evidence that its site was foisting the drive-by download however
RISKIQ:
After verifying that the site was indeed redirecting users to a malware dropper, we immediately contacted jQuery.com to alert them to the attack. While they weren’t able to determine the root cause of the attack, the site’s administrators were addressing the issue.
Hitting this redirector, we continued to be redirected to the RIG exploit kit, even though we weren't able to replicate the script injection on jQuery.com with subsequent requests.
So what's the actual status?
A technicality, the malware wasn't hosted on jQuery, but somehow the attackers had managed to get it to link to another site, which did have malware and that site downloaded the malware onto unsuspecting visitors. E.g. they managed to inject a script or link tag or an Iframe.
"Internet Explorer, Java, Adobe Flash, and Silverlight"
As an IT worker I suspect I am not alone in the following response:
IE - Don't use except on internal/intranet - I use Firefox with Adblock/NoScript externally
Java - Not installed/Enabled in FF
Flash - Not installed in FF
Silverlight - Not installed in FF (And run on request in IE. Seriously, does anyone use silverlight if they can possibly help it?)
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
