Hundreds of thousands of hacked websites spreading scareware
From http://www.h-online.com/security/new...e-1220474.html
Quote:
Using an automated SQL injection attack, criminals have embedded links to domains carrying scareware in hundreds of thousands of websites. In some cases, visitors to an infected website see an additional page that pretends to be anti-virus software and claims to have discovered an infection on the user's system.
[snip]
Anyone running a web server should check their websites for injected JavaScript tags containing links such as <script src=http://lizamoon.com/ur.php></script>. If found, these should be removed. They will also need to find the SQL injection vulnerability used to inject the nefarious content.
|
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
|