Anti-Virus Vendor Hacked
I just read an article about an Indian security company AvSoft whose website got hacked and distributed malicious code rather than their own when users tried to download software. The attack used was iFrame injection on the vulnerable site. From what I’ve read about iFrame injections, hex code (with real meaning when translated to javascript) is somehow uploaded onto the site. Then when users try to click on some link or button, what they are really clicking on is an “invisible frame” over that link/button which redirects them to some other site or attempts to install malicious software.