Exploit may track back to Fasthosts compromise, but security researchers warn of its difficulty to track and detect.
Many specialist UK websites have been used to spread a particularly difficult track form of malware that is capable of dynamically changing its code. The only thing to link the several hundred compromised sites, other than the fact that many of them are small UK-based retail outfits like a bicycle shop and speciality travel firm, is the fact that all their affected domains have, or had, a relationship with the UK's biggest web hosting company Fasthosts, according to the security researcher at ScanSafe who first spotted the attack. Fasthosts' systems called in the police to investigate a security breach in October last year that forced the provider to ask users to change their passwords.
View: Full Story @ IT Pro