Unmask Parasites. Blog.
msgbartop
Unmask Parasites - Check your web pages for hidden links, iframes, malicious scripts, unauthorized redirects and other signs of security problems.
msgbarbottom
Loading site search ...

Network Solutions and WordPress Security Flaw

11 Apr 10   Filed in Website exploits with 48 Comments

I first noticed this hidden iframe from hxxp://networkads .net/ grep/ on April 7. It instantly drew my attention with these weird “iframe_style” scripts in Unmask Parasites reports (I even thought it was a bug in Unmask Parasites, but when I checked the infected site, I found those scripts there).

weird scripts

However it was a single incident and I didn’t see any obvious pattern back then. Two days later, when I noticed David’s (Sucuri Security) article about this very issue and the follow-up by Brian Krebs, I decided to take a closer look at it. What I found is quite interesting and raises a few serious questions about security of websites on shared servers.
Continue »»


Tags:

Spammy Links From Remote Servers

07 Apr 10   Filed in Website exploits with 2 Comments

Hidden spammy links injected into web pages on legitimate websites is quite a widespread type of hacker attacks. These parasites try to suck all the “PageRank juice” out of any website they manage to break into and put their shady web pages high in search results.

There are many ways hackers can inject links. They can insert them as plain HTML (will work on most sites) or as an encrypted PHP code (the files should be processed as PHP). Hackers can even use SQL injection on database-driven sites that don’t properly sanitize user input.

Decoupling code from data

Sometimes hackers decouple code from data and inject only some PHP instructions that load spammy links from a standalone file. This makes the construction more flexible since they can simply change the content of that single file whenever they decide to promote a new set of links – no need to update every infected file on a site.

In this post, I’ll show a even more clever way of decoupling code from data.
Continue »»


Tags:

Tweet Week: March 8-14, 2010

14 Mar 10   Filed in Tweet Week with 0 Comments

Selected short messages and links you might have missed if you don’t follow me on Twitter.

Security discussions, hidden links in WordPress, new vulnerabilities, StopBadware wants bad URLs, etc. … »»


Tags:

Security Lesson From a Kenyan Marathon Runner

30 Jun 09   Filed in General with 0 Comments

If you have a site/blog but you are not a techie and don’t know much about website security, you might want to read this article written by a Kenyan marathon runner about how his blog was hacked.

He received an email from Google saying that his site had been temporarily removed from search index because it contained hidden spam links and thus violated Google’s guidelines.
Continue »»


Tags:
sidebartop

About this blog

Occasional posts from the developer of
Unmask Parasites about things that hackers already know and site owners should know (if they don't want to be victims).

Exploit reviews, security tips, and all that jazz.

This blog in the news

Get free updates:   RSS   Email   Twitter
sidebarbottom
sidebartop

Recent Posts

sidebarbottom
sidebartop

Categories

sidebarbottom
sidebartop

Recent Comments

sidebarbottom
sidebartop
sidebarbottom
© Unmask Parasites. Blog. / Design: Smashing Wordpress Themes