Web Hosting Articles
Web Hosting FAQs
Web Hosting How-Tos
Web Hosting News
Web Hosting Security

IBM® developerWorks
Sun Developer Network
Weekly Newsletter

Developer Updates
Free Website Content

ASP Web Hosting
ASP.NET Web Hosting
Budget Hosting
Coldfusion
Colocation
Mobile Linux
APP Generation ROI
E-Commerce Hosting
Linux Web Hosting
Managed Hosting
Reseller Web Hosting
Shared Hosting
Small Business Hosting
Virtual Private Servers
Windows Web Hosting

Articles

Forums

All Feeds

Write For Us Get Paid

Request Media Kit

Site Map

Privacy Policy
Support

USERNAME

PASSWORD

>>> SIGN UP!

Lost Password?

WEB HOSTING SECURITY

RSS

Beladen: 40,000 Website Attackers

By: Joe Eitel	Search For More Articles! Disclaimer Author Terms
Rating: / 3
2009-10-07

Table of Contents:

Beladen: 40,000 Website Attackers

Effects

Disappearance

Security

	ADD THIS ARTICLE TO:
	Del.ici.ous	Digg
	Blink	Simpy
	Google	Spurl
	Y! MyWeb	Furl

Email Me Similar Content When Posted

Add Developer Shed Article Feed To Your Site

Email Article To Friend

Print Version Of Article

PDF Version Of Article

Beladen: 40,000 Website Attackers

(Page 1 of 4 )

In June 2009, Websense, an Internet security firm, identified a mass infection of up to 40,000 websites by a new attacker nicknamed “Beladen.” Beladen, which translates as “loaded” in German, is so named because the security exploit works by directing visitors to various websites to a website named Beladen. That website then takes advantage of security holes in various applications to “load up” unsuspecting computers with all kinds of bad software.

One of the remarkable aspects of the Beladen attack is that no one can figure out how the host websites became infected. The idea is that if you visit any of these 40,000 websites, you will find a piece of hidden code somewhere on the page. This hidden code is "obfuscated," meaning that it appears to be gibberish to humans, but works as a functioning program for computers.

A major cause of concern is that there is no real connection between the 40,000 websites. Although there are theories as to how the Beladen attackers gained access to the websites, there are no concrete facts.

If you visit an infected website, the obfuscated JavaScript code will silently command your computer to redirect to another website. Your computer takes several such trips before eventually ending up at the malicious host website, Beladen.

This string of redirects is a "security" measure designed into the attacking software. Numerous checks are performed at each point to make sure that a real attack is being carried out, and Internet security firms are not trying to gain information on the attack.

Once at Beladen, the website will attempt to take advantage of various security loopholes in Internet Explorer, Firefox, and other Internet applications, such as Quicktime. If your computer is susceptible to any of these loopholes (around 20-30), the website gains access to your computer and installs malicious software such as viruses, spyware, and Trojans. The result is that your computer is thoroughly infected by an unpredictable host of programs that may prevent you from using it at all.

Next: Effects >>

More Web Hosting Security Articles
More By Joe Eitel

Comments On: Beladen: 40,000 Website Attackers
· Suggesting that people move to an OS with "less attacks" is just downright...

>>> Post your comment now!

WEB HOSTING SECURITY ARTICLES

- Security Vulnerabilities of Web Applications
- Packet Sniffing with Wireshark
- Beladen: 40,000 Website Attackers
- Robust Open Source Firewall Solutions
- Protecting Yourself Online
- We`re at War with Botnets
- Webmaster Security Threats for 2009
- Best Password Utilities for the PC
- Five of the Top Free Antivirus Programs
Find More Web Hosting Security Articles