Unmask Parasites - Check your web pages for hidden links, iframes, malicious scripts, unauthorized redirects and other signs of security problems.
Loading site search ...

Tweet Week: March 22-28, 2010

28 Mar 10   Filed in Tweet Week with Comments Off on Tweet Week: March 22-28, 2010

Selected short messages and links you might have missed if you don’t follow me on Twitter.

Open X hack, Firefox 0-day + NoScript + update, Scareware + Zeus … »»

Why is WordPress 2.8.2 a Critical Update?

20 Jul 09   Filed in Tips and Tricks, Website exploits with 4 Comments

WordPress has just released a security update.

WordPress 2.8.2 fixes an XSS vulnerability. Comment author URLs were not fully sanitized when displayed in the admin. This could be exploited to redirect you away from the admin to another site

Unfortunately, the official blog didn’t mention that this upgrade is actually critical and why you should update ASAP. Let me explain this.
Continue »»

GStats .cn and GCounter .cn – Malicious Code in .js Files

22 Jun 09   Filed in Tips and Tricks, Website exploits with 7 Comments

This must be not a new attack (I’ve found an almost year old article that mentions gcounter iframes) but I started to notice it this past weekend. First, on the Google’s Webmaster Forums, then in the Unmask Parasites logs. So I guess it’s a new wave of the attack.

GCounter .cn

When I first encountered a site infected by gcounter, I checked it with Unmask Parasites. Nothing suspicious was found except for the fact that the domain name was blacklisted by Google. I checked the diagnostic page and found this clue:

Malicious software is hosted on 1 domain(s), including

Continue »»

NoScript Helps Reveal Website Exploits – Telegram .com Case

13 May 09   Filed in Tips and Tricks with Comments Off on NoScript Helps Reveal Website Exploits – Telegram .com Case

FireFox + NoScript

Screenshot: NoScript

I usually suggest that you should use FireFox with the NoScript plugin for safer web browsing. This combo will save you from most web threats. Just remember one rule: Never use the “Allow this page” and the “Allow Scripts Globally” options.

NoScript reveals website exploits

NoScript is also a great helper in revealing tricky website exploits.

Let me use the “Telegram .com” case to show how I use it. Continue »»