This website uses cookies. By continuing to browse this website, you accept our use of cookies and our Cookie Policy. Close

NEW! Cloud Security Gateway — SWG, CASB, and DLP in a single product.

Monday, Sep 05, 2011

Web Directories site compromised, leads to Incognito Exploit Kit


Websense® ThreatSeeker® Network has detected that the Web Directories site ( was compromised on 4th September, 2011. This lead users to the Incognito exploit kit.  

Web Directories is a site designed to help Webmasters and site owners find relevant directories. They intend to offer one of the largest Web directories listing on the Internet. This site has heavy global Alexa traffic, especially from Asia. It is estimated that over 60% of visitors to this site are from India, which has an Alexa traffic ranking of 885.

 The Web Directories homepage:


This site had the following malicious codes inserted: 


The link hxxp:// redirects you to another malicious site hxxp:// that contains the exploit codes.

From our analysis this code belongs to a notorious exploit kit - Incognito exploit kit. When redirected, a Trojan is silently downloaded to unsuspected clients, and infects them in the process. 


 We also detected many other Web sites injected with similar codes:


Websense customers are protected from Web-based threats by ACE, our Advanced Classification Engine.

Tags Exploit

About the Author