The official website of the popular cross-platform JavaScript library jQuery (jquery.com) has been compromised and has been redirecting its visitors to a third-party website hosting the RIG exploit kit in order to distribute information-stealing malware.
jQuery is a free and open source JavaScript library designed to simplify the client-side scripting of HTML. It is used to build AJAX applications and other dynamic content easily. The popular JavaScript library is used by 30 percent of websites, including 70 percent of the top 10,000 most visited websites.
James Pleger, Director of Research at risk management software company RiskIQ, reported yesterday that the attack against the jQuery.com web servers ran for a short period of time on the afternoon of September 18th.
Users who visited the website on September 18th may therefore have had their systems infected with data-stealing malware after being redirected to the website hosting RIG. Pleger urged those who visited the site during the alleged attack to re-image their systems, reset passwords for user accounts that have been used on the systems, and check whether any suspicious activity has originated from the offending system.
"However, discovering information-stealing malware on jQuery.com is particularly disconcerting because of the demographic of jQuery users [who are] generally IT systems administrators and web developers, including a large contingent who work within enterprises," Pleger wrote.
Cyber criminals discovered a loophole in the jQuery website’s web properties, backend systems, or other critical infrastructure and injected malicious JavaScript that redirects victims.