Tweet Week: Oct 5-11, 2009
Selected short messages and links you might have missed if you don’t follow me on Twitter.
Oct 6, 2009
Yet another Beladen/Goscanpark story from a server admin
http://www.linuxquestions.org/questions/linux-security-4/virus-in-a-server-malware-running-randomly-in-all-server-sites.-758806/#post3708050
Story from my blog reader: 60 support tickets and 1,000 screenshots before his hosting provider took action. (His site was hosted on a Goscanpark-infected server)
Oct 8, 2009
Researchers Hijack a Drive-By Botnet – insights from the inside
Oct 9, 2009
I see loads of spammy accounts on CommunityServer-powered sites. Sample Google search: http://www.google.com/search?q=inurl%3Amembers+inurl%3Aaspx+tramadol – they look like hacked
The Cash Factory – All aspects of the iframe-injection attack: spam, trojans, passwords, etc.
Oct 10, 2009
The Malware Warning Review Process – from Google Anti-Malware team
If you want more real-time experience, you can follow @unmaskparasites on Twitter.
Similar posts:
Goscanpark: 13 Facts About Malicious Server-Wide Meta Redirects.
I’ve discovered a new emerging malware attack today. Actually two attacks, but in this post I’ll review only one of them – server-wide goscanpark .com/goscansoon .com meta redirects.
I discovered this attack when checked Unmask Parasites logs. I noticed that many unrelated websites contained the same suspicious script so I decided to investigate this issue. The investigation is not complete yet but I think the information I’ve already collected will be useful for owners of compromised web sites. And I hope the missing parts will be added by you, the readers. Update ( July 27, 2009) : the comments are really very informative. make sure to read them.
Continue »»
About this blog
Occasional posts from the developer of
Unmask Parasites about things that hackers already know and site owners should know (if they don't want to be victims).
Exploit reviews, security tips, and all that jazz.
