Cisco Blogs


Cisco Blog > Security

Crumbling to the Cookiebomb

Recently we have seen a spate of government websites hosting malicious Cookiebomb JavaScript. We have observed URLs with the top level domains such as ‘.gov.uk’, ‘.gov.tr’, ‘.gov.pl’ and the website of a middle eastern embassy in the US become compromised and expose visitors to malware infection. For malicious actors, highly reputable websites are a valuable target to compromise. Politically motivated attackers, such as the Syrian Electronic Army, can use these websites to highlight their cause, to cause embarrassment to an adversary, or to spread malware, possibly as part of a watering hole attack. Profit motivated distributors of malware can use these websites to infect the steady stream of visitors who trust the website and who are unlikely to suspect that it has been compromised.
Read More »

Tags: , , , ,