|
|
|
|
|
|
by Hopka
4953 days ago
|
|
|
I wonder how the links to these fake sites are injected into the infected sites in the first place. Is it through some other vulnerability and the fake sites are mainly needed to make the hack less obvious for a human auditing the code? Or do they hope that somebody finds the fake jQuery site on Google or through a typo in the URL and then includes their fake JavaScript file instead? That seems unlikely to me. |
|
|