Wp-config.php | Unmask Parasites. Blog.

Loading site search ...

Malicious “ads” and “bars” on RackSpace & MediaTemple

08 Aug 10 Filed in Website exploits with 16 Comments

Right before this week-end I noticed an increased number of sites hosted on MediaTemple and RackSpace coming to Unmask Parasites with the same problem — their sites are blocked by Google and their diagnostic pages mention the following five domains: “myads .name“, “adsnet .biz“, “toolbarcom .org“, “mybar .us“, “freead .name“.
Continue »»

Tags: Joomla MediaTemple mySql obfuscated script RackSpace WordPress wp-config.php

Network Solutions and WordPress Security Flaw

11 Apr 10 Filed in Website exploits with 48 Comments

I first noticed this hidden iframe from hxxp://networkads .net/ grep/ on April 7. It instantly drew my attention with these weird “iframe_style” scripts in Unmask Parasites reports (I even thought it was a bug in Unmask Parasites, but when I checked the infected site, I found those scripts there).

However it was a single incident and I didn’t see any obvious pattern back then. Two days later, when I noticed David’s (Sucuri Security) article about this very issue and the follow-up by Brian Krebs, I decided to take a closer look at it. What I found is quite interesting and raises a few serious questions about security of websites on shared servers.
Continue »»

Tags: alkoltashov binglbalts.com hidden links iframe mainnetsoll.com Network Solution networkads.net obfuscated script password WebEasySearch WordPress wp-config.php

Malicious “ads” and “bars” on RackSpace & MediaTemple

Network Solutions and WordPress Security Flaw

About this blog

Recent Posts

Categories

Recent Comments