DaemonForums  

Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 3rd April 2011
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,143
Thanked 182 Times in 149 Posts
Default Hundreds of thousands of hacked websites spreading scareware

From http://www.h-online.com/security/new...e-1220474.html

Quote:
Using an automated SQL injection attack, criminals have embedded links to domains carrying scareware in hundreds of thousands of websites. In some cases, visitors to an infected website see an additional page that pretends to be anti-virus software and claims to have discovered an infection on the user's system.

[snip]

Anyone running a web server should check their websites for injected JavaScript tags containing links such as <script src=http://lizamoon.com/ur.php></script>. If found, these should be removed. They will also need to find the SQL injection vulnerability used to inject the nefarious content.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
MySQL allegedly hacked - via SQL injection Carpetsmoker News 3 29th March 2011 06:03 AM
Am I being hacked? newbsdied OpenBSD Security 14 6th November 2010 10:41 PM
Exploit for new Flash vulnerability spreading fast J65nko News 0 11th June 2010 05:43 AM
Kobil smartcard reader hacked J65nko News 0 4th June 2010 12:50 PM
Mailserver for websites xCipherx FreeBSD Ports and Packages 4 13th April 2010 03:56 PM


All times are GMT. The time now is 06:21 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick