Hackers Tuck Attack Code Into UK Government Site

(pcworld) -- A Welsh government Web site has been hacked to serve up malicious JavaScript, a sign that the spate of attacks first spotted last month are continuing, analysts from security vendor Sophos warned Friday.

The method of attack is similar to one that recently victimized pages within Trend Micro's Web site, said Graham Cluley, senior technology consultant for Sophos.

Trend Micro's Web site was one of up to 20,000 sites discovered in mid-March where hackers found a weakness in the server's security that allowed them to implant malicious JavaScript.

If a user visits an infected page, the JavaScript initiates a download of malicious code from another server. Sophos named the attack Troj/Badsrc-A. full story