I hope that ISPs start taking some responsibility and stand beside their users, which make them better than the others.
If you have any comment, share it with us here …
U.N site is another victim of SQL injection attacks, when a user browses the site events page, he will get redirected to (www.nihaorr1.com/[removed]). The "1.js" redirects the user to another page "1.htm", once loaded it will try to exploit the following vulnerabilities:
Vulnerability in Kodak Image Viewer Could Allow Remote Code Execution (Critical)
Cumulative Security Update for Internet Explorer (Critical)
Vulnerabilities in Microsoft Content Management Server Could Allow Remote Code Execution
Vulnerability in Vector Markup Language Could Allow Remote Code Execution
Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution
The Baofeng Storm MPS.StormPlayer.1 ActiveX control heap-based buffer overflow
GLChat Stack-based buffer overflow
Baidu Bar ActiveX Control Remote Command Execution
Real Player RAM Download Handler ActiveX Control
Finally, it will redirect the user to another two pages that serve malwares: (gg.haoliuliang.net/one/ hao8.htm?036) and (gg.haoliuliang.net/wmwm/ new.htm).
Mitigation checklist for system administrators: