Unmask Parasites. Blog.
msgbartop
Unmask Parasites - Check your web pages for hidden links, iframes, malicious scripts, unauthorized redirects and other signs of security problems.
msgbarbottom
Loading site search ...

Two Malware Trends Combined in One Attack

06 Oct 10   Filed in Website exploits with 8 Comments

Two of the major trends in malware attacks described on this blog this summer were the use of hijacked DNS records of legitimate domains and continuous attacks against sites on MediaTemple and RackSpace. In the end of this September, I noticed a new attack that combined these two trends.

At higher level, this attack is no different from many preceding variations that hit MediaTemple. It prepends malicious code to the first line of some existing .js files or injects it inside the <ads>…</ads> tags at the bottom of HTML code of legitimate web pages.

However, soon you notice new techniques.
Continue »»


Tags:

Two Tweet Weeks: August 30 – September 12, 2010

13 Sep 10   Filed in Tweet Week with 1 Comment

Selected short messages and links you might have missed if you don’t follow me on Twitter.

new type of Fake AV, TechCrunch hacked, app vulnerabilities and updates … »»


Tags:

Tweet Week: August 9-15, 2010

16 Aug 10   Filed in Tweet Week with Comments Off

Selected short messages and links you might have missed if you don’t follow me on Twitter.

SQL-injection, MediaTemple issues, exploited phpMyAdmin vulnerability … »»


Tags:

Pqshow .org Scripts – New Plague On MediaTemple Sites

14 Aug 10   Filed in Website exploits with 19 Comments

New week — new attack on MediaTemple-hosted sites.

Almost everything remains the same as in the last week’s attack I described here. The only difference is the new script and the new remote malicious site – bl .pqshow .org.
Continue »»


Tags:

Malicious “ads” and “bars” on RackSpace & MediaTemple

08 Aug 10   Filed in Website exploits with 21 Comments

Right before this week-end I noticed an increased number of sites hosted on MediaTemple and RackSpace coming to Unmask Parasites with the same problem — their sites are blocked by Google and their diagnostic pages mention the following five domains: “myads .name“, “adsnet .biz“, “toolbarcom .org“, “mybar .us“, “freead .name“.
Continue »»


Tags:

Tweet Week: July 12-18, 2010

18 Jul 10   Filed in Tweet Week with Comments Off

Selected short messages and links you might have missed if you don’t follow me on Twitter.

nginx as reverse proxy, WP redirects on MediaTemple, Image search spam … »»


Tags:

Tweet Week: Nov 23-29, 2009

29 Nov 09   Filed in Tweet Week with 1 Comment

Selected short messages and links you might have missed if you don’t follow me on Twitter.

IE vulnerability, MediaTemple security issues, Google Webmaster Tools … »»


Tags:
sidebartop

About this blog

Occasional posts from the developer of
Unmask Parasites about things that hackers already know and site owners should know (if they don't want to be victims).

Exploit reviews, security tips, and all that jazz.

This blog in the news

Get free updates:  RSS   Email   Twitter   G+
sidebarbottom
sidebartop

Recent Posts

sidebarbottom
sidebartop

Categories

sidebarbottom
sidebartop

Recent Comments

sidebarbottom
sidebartop
advertisement

Has your website been hacked?

We're here to help you get back up and running with minimal downtime!

Call us now at 1-800-639-6442

www.HackRepair.com
sidebarbottom
sidebartop
sidebarbottom
© Unmask Parasites. Blog. / Design: Smashing Wordpress Themes