Unmask Parasites. Blog.
msgbartop
Unmask Parasites - Check your web pages for hidden links, iframes, malicious scripts, unauthorized redirects and other signs of security problems.
msgbarbottom
Loading site search ...

Tweet Week: June 27 – July 4, 2010

04 Jul 10   Filed in Tweet Week with 1 Comment

Selected short messages and links you might have missed if you don’t follow me on Twitter.

Safer PDF viewing, Gumblar zombies, Asprox, WayBack Machine and more… »»


Tags:

Spammy Links From Remote Servers

07 Apr 10   Filed in Website exploits with 2 Comments

Hidden spammy links injected into web pages on legitimate websites is quite a widespread type of hacker attacks. These parasites try to suck all the “PageRank juice” out of any website they manage to break into and put their shady web pages high in search results.

There are many ways hackers can inject links. They can insert them as plain HTML (will work on most sites) or as an encrypted PHP code (the files should be processed as PHP). Hackers can even use SQL injection on database-driven sites that don’t properly sanitize user input.

Decoupling code from data

Sometimes hackers decouple code from data and inject only some PHP instructions that load spammy links from a standalone file. This makes the construction more flexible since they can simply change the content of that single file whenever they decide to promote a new set of links – no need to update every infected file on a site.

In this post, I’ll show a even more clever way of decoupling code from data.
Continue »»


Tags:

Anti-Pirates Unknowingly Promote Pirates

03 Oct 09   Filed in Website exploits with 1 Comment

A couple of days ago I posted my research on hacked high-ranking sites that spammers used to promote online stores selling pirated software.

Now you’ll see an amusing (and at the same time sad) illustration of the issue.
Continue »»


Tags:

“Cheap Vista” or Cloaked Spam on High-Profile Sites

01 Oct 09   Filed in Website exploits with 12 Comments

In this post, I’ll show how cybercriminals used hacked high-profile sites to drive search traffic to online stores that sell pirated copies of popular software and, presumably, steal credit card details.

I’ve been watching this sort of search spam for more than a year now. And after this post in Google’s Webmaster Help forum, I decided to take a closer look at this this problem.
Continue »»


Tags:

Security Lesson From a Kenyan Marathon Runner

30 Jun 09   Filed in General with 0 Comments

If you have a site/blog but you are not a techie and don’t know much about website security, you might want to read this article written by a Kenyan marathon runner about how his blog was hacked.

He received an email from Google saying that his site had been temporarily removed from search index because it contained hidden spam links and thus violated Google’s guidelines.
Continue »»


Tags:
sidebartop

About this blog

Occasional posts from the developer of
Unmask Parasites about things that hackers already know and site owners should know (if they don't want to be victims).

Exploit reviews, security tips, and all that jazz.

This blog in the news

Get free updates:   RSS   Email   Twitter
sidebarbottom
sidebartop

Recent Posts

sidebarbottom
sidebartop

Categories

sidebarbottom
sidebartop

Recent Comments

sidebarbottom
sidebartop
sidebarbottom
© Unmask Parasites. Blog. / Design: Smashing Wordpress Themes