16 August 2017
Peter Roberts

Peter's lo-fi ramblings

Peter Roberts - UCL

224Posts 694,283Views 139Comments

Thousands of web sites have mystery malware exploit

17 January 2008  |  1919 views  |  0

Interesting item covered by The Register about a huge number of web sites apparently serving up malware. And as yet no one has worked out how they were compromised.

This is a really sneaky exploit - when a user requests the home page from the site, a reference to a local javascript file is included dynamically in the page. The name of the file changes randomly and the file only exists while the user is accessing the page. So it doesn't persist and can't be spotted by admins. The javascript contains multiple exploits to attempt to install a backdoor to your system.

No one has yet worked out how these servers were compromised in the first place. Most of them are running Apache on Unix/Linux - so what sets these apart from the many tens of thousands of hosting servers running the same stuff?

Earlier in the week the estimate was around 10,000 infected sites.

You can read the full story at Scansafe and The Register.

Be careful out there. 

TagsSecurity

Comments: (0)

Comment on this story (membership required)

Latest posts from Peter

ATM? No mate, it's a cutting edge work of art

20 August 2010  |  5091 views  |  0 comments | recomends Recommends 1 GroupWhatever...

German robbers blow up bank

26 May 2010  |  4585 views  |  1 comments | recomends Recommends 0 GroupWhatever...

Hacking your bank with the help of social networks...

29 April 2010  |  5039 views  |  0 comments | recomends Recommends 0 TagsSecurity

Britons tech knowledge a little lacking?

15 January 2010  |  4520 views  |  1 comments | recomends Recommends 0 GroupWhatever...

Is it just me or has online banking got worse?

04 January 2010  |  5201 views  |  5 comments | recomends Recommends 0 Tags

Peter's profile

job title Moodle support
location London
member since 2008
Summary profile See full profile »
I was the technical lead on the Finextra family of web sites from 1999 to 2009. I'm at UCL these days supporting Moodle.

Peter's expertise

Member since 2006
224 posts139 comments

Who's commenting on Peter's posts