There’s plenty of talk these days about SQL injection (Dancho Danchev’s blog is an excellent reference on this trend). Add another attack to the list: a fairly extensive cross-site scripting hack currently in action, pushing porn and, ultimately, malware.

The images displayed are extremely graphic in content. When an image is clicked, the user is redirected to a site pushing a fake antispyware program.




Searching Google for the term “href=//imagesoap” pulls up a large number of results. (Warning: the results returned are highly graphic in content, and do lead to malware.)


Sites observed as infected include:

And plenty more.

Alex Eckelberry
(Thanks Francesco and Adam)