For the last few weeks we’ve been tracking a large scale decentralized Traffic Distribution System (TDS). It’s using hundreds of compromised sites as their first entry point. Anyone that visits the compromised sites from a search engine gets redirected to another site controlled by the attackers (most of the time with pornographic or pharmaceutical content).
For each of those redirections, the bad guys make money via affiliate commissions. Symantec explains well how those traffic distrubution systems work here: Web-Based Malware Distribution Channels: A Look at Traffic Redistribution Systems.
The victims
Take a look at these websites and try to see what they have in common:
read more.......... http://blog.sucuri.net/2013/02/large-scale-compromises-leading-to-tds.htmlhttp://gabriellerosephotography.com/http://bodegablanca.com/http://www.celeirodoalgarvio.com/http://www.ymsite.com/http://wordpress.lukesatin.com/http://effervescence-records.com/http://locallylocated.comhttp://highperformancetraining.org/