msgbartop
Unmask Parasites - Check your web pages for hidden links, iframes, malicious scripts, unauthorized redirects and other signs of security problems.
msgbarbottom
Loading site search ...

Reporting Suspicious Styles

22 Nov 13   Filed in Unmask Parasites with 0 Comments

Back in 2008, the very first task that I created Unmask Parasites for was scanning web pages for hidden links.

I read an article about thousands of WordPress blogs being stuffed with dozens of invisible spammy links. I had a self-hosted WordPress blog too and that article made me think if there was some easy way to figure out whether my blog was hacked, something less laborious than manually examining the HTML code link by link. So I decided to create a tool that would show all domains that my web pages linked to highlighting those of them that had “invisible” styles. This approach has proved to be very efficient in identifying black hat SEO hacks. In most cases, a glance is enough to spot such problems.
Continue »»

Unmask Parasites joins Sucuri

20 Sep 13   Filed in Unmask Parasites with 2 Comments

It’s official. This week Unmask Parasites joins Sucuri!

Since July of 2008 when I released the first public version, Unmask Parasites was a “one man project” and it worked fine for me most of the time. I did everything myself from server setup to site development, from web attack investigations to blogging here. During these years Unmask Parasites became quite noticeable both within webmasters and Internet security community. And I always tried to meet their expectations providing a tool that could reveal various obscure website security issues and sharing information on how and why websites get hacked, and what can be done to prevent it.
Continue »»

Matt Cutts on Malware

11 Jan 12   Filed in Tips and Tricks, Unmask Parasites with Comments Off

Continue »»

Unmasking “Canonical” Hacks

22 May 11   Filed in Unmask Parasites with Comments Off

As a follow up to the recent Matt Cutt’s tweet and blog post about emerging rel=canonical hacks, I did a detailed guest post on StopBadware blog about this problem.

In that article, I wrote about how such hacks work and how cyber-criminals can use this hard-to-detect attack to hijack search results of compromised sites. You can also find a short review of a real “rel=canonical” attack that affected quite a few websites.

As always, I wrote about tools and techniques that can help you diagnose hacks that try to make Google think that your site has moved to a new domain name. Unfortunately, at this point no tools that I know of specifically check for rogue “rel=canonical” instructions. However, more universal file integrity monitoring solutions can be really efficient as they will inform about any unexpected modifications.
Continue (how Unmask Parasites reveals rel=canonical hacks) »»

1 Million Pages Checked by Unmask Parasites!

05 Dec 10   Filed in Unmask Parasites with Comments Off
Milestone: 1 Million pages checked

1 Million web pages have been checked by Unmask Parasites since July 1, 2008.
167,033 of them were found suspicious for one reason or another.

This happened on December 5, 2010 around 00:00 GMT.

Looking forward for the second million :)

Happy 2nd Birthday, Unmask Parasites!

01 Jul 10   Filed in Unmask Parasites with 4 Comments

Unmask Parasites turns two years old today!

A year ago I posted some statistics. Let’s compare the first two years.
Continue »»

Introduction to Website Parasites

14 Apr 10   Filed in General, Unmask Parasites with 6 Comments

Wikipedia defines Parasitism as a “type of symbiotic relationship between organisms of different species in which one, the parasite, benefits from a prolonged, close association with the other, the host, which is harmed.”

This definition perfectly describes relationships between hackers and legitimate websites. As it often happens in real life, the host (legitimate website and its owner) may be completely unaware of parasites until the harmful effect becomes obvious (e.g. drops in traffic, lost search engine rankings, site gets blacklisted, etc. ). And it doesn’t matter how big or small your site is and how malicious the hack is – this is the sort of relationships where parasites (hackers) always win and legitimate websites always lose.

As a webmaster, you can be more effective at detecting and mitigating parasitic activities if you know how hackers can benefit from your site .
Continue »»

Round up of Unmask Parasites Improvements

12 Jan 10   Filed in Unmask Parasites with 1 Comment

In the last couple of months of 2009 I quitely rolled out some improvements to Unmask Parasites. I couldn’t find enough time to blog about them since there always had been some nasty malware attack that I needed to investigate and write about here. Finally, I decided that the new year beginning is the proper time to round up some improvements and new features of the last year.
Round up »»

54F3 Ads on Unmask Parasites Site

09 Sep 09   Filed in Unmask Parasites with Comments Off

As you know, Unmask Parasites is a free independent service. And I hope it will always be free. However, to be able to pay my bills, I placed Google’s contextual ads on this site.

I think, Google AdSense worked well for me (not great though). I didn’t have to search for sponsors – Google picked the most relevant ads from their vast advertizing network for me. The ads are almost guaranteed to be safe (you know, some ad networks fail to detect banners that contain malicious code). And the earnings were enough to pay for the site hosting and domain names (these are the only direct expenses I have).

This month, as an experiment, I decided to accept Jason Remillard‘s offer and replaced AdSense block at the top of Unmask Parasites report pages with a banner of his 54f3.com service.
Continue »»

Happy Birthday Unmask Parasites!

01 Jul 09   Filed in Unmask Parasites with 4 Comments

Exactly one year ago I purchased the UnmaskParasites.com domain name and made the first early beta version of my new service available for public testing.

One year later Unmask Parasites is still in beta but now it’s a much more mature service that has proven its viability.

Many interesting things happened during this year.  I’m not a good writer to make it an interesting reading, so I’ll only list some milestones, facts and statistics here.
Continue »»