Researchers have uncovered a new wave of mass attacks targeting Websites.
According to Websense, the campaign is infecting visitors to those sites using the Adobe Flash Player zero-day patched earlier this week.
A video of how the attack is taking place can be viewed here on YouTube.
“Until today the latest Adobe 0-day vulnerability (CVE-2010-1297) had only been used in targeted attacks,” according to Websense. “That changed a few hours ago when we started seeing mass injections adding the following URL to thousands of pages around the world: hxxp://26[REMOVED].in/y[REMOVED]o.js.”
“The attack is closely related to the hxxp://ww.robint.us/[REMOVED].js attack earlier this week that our friends at Sucuri (Security) blogged about, where the common theme was that all Web sites were running on Microsoft IIS and used ASP.NET,” Websense continued. “In fact, the majority of sites compromised by the new mass injection attack still have the robint.us code present.”
Anyone who hasn’t deployed Adobe’s latest patch should do so, researchers said.