July 22, 2009

Malicious iframe attack

This is not a post related to Internet Marketing.  I felt this post was necessary since we’ve seen this a few times recently.  A search on Google for [malicious iframe attack] brings up 38,000 results.  Please take the 2 minutes to check your site and below we describe the steps to identify the problem and steps to correct the problem.  I would like thank Meena Rao, my senior project manager, for compiling the report below.

Recently, a number of websites were attacked by malicious code. Several reputable and legitimate sites have been compromised by this attack.

The attack is done in 2 steps. The first step in the attack is for an intruder to gain access to the FTP login credentials (username and password) for a site. This is easy to do for sites for which FTP passwords can be easily guessed, something like “site123” and easy to decipher. The FTP login is then used to get into the site and append malicious code to the index files on the site. Any file that has the name “index” as part of its name will be attacked. The code that is appended is contained in an <iframe> tag.

The first step that you, as a website owner, need to take is to immediately change the FTP password for the site and make it very strong by using a combination of numbers, upper case and lower case letters, and special characters and make it at least 8 characters long.

Some other points to remember are, never send FTP username and password via email or Instant Messaging. If you have to do it, make sure you send it in some encrypted form, or send it in 2 separate emails. Also, talk to your web host and make sure that they have installed the necessary security fixes to improve internal security and prevent further attacks.

iframe-attack

http://www.brookscourier.com and http://www.easterncourier.net were among the sites affected by this hacking program. In the screenshot above, you can see that Google has put a warning message for the site that reads “This site may harm your computer”.

This goes to show that this issue can be harmful and needs to be fixed as soon as possible.

No TweetBacks yet. (Be the first to Tweet this post)
Bookmark this post! Enjoy and Share it please:
  • Twitter
  • LinkedIn
  • Facebook
  • Google Bookmarks
  • MySpace
  • Digg

Filed under Management, Tips by admin

Permalink Print Comment

Comments on Malicious iframe attack »

September 2, 2009

online personal classifieds @ 2:33 am

Great article! Thank you very much for it!

regards

Permalink Reply

Leave a Comment