Author Topic: WEB SECURITY ALERT  (Read 2009 times)

0 Members and 1 Guest are viewing this topic.

Offline Johnnie F.

WEB SECURITY ALERT
« on: July 17, 2013, 08:09:31 AM »
It seems that one of the local websites has been infected and attempts to spread the virus to computers of people opening that website. It is therefore recommended to run an effective and updated FIREWALL on your computer.

Fun is the one thing that money can't buy
 

Offline Johnnie F.

Re: WEB SECURITY ALERT
« Reply #1 on: July 17, 2013, 06:58:04 PM »
AVG also recognizes and kills the threat:


There is info on the nature of the trojan on Wikipedia:

http://en.wikipedia.org/wiki/Blackhole_exploit_kit

Fun is the one thing that money can't buy
 

sicho

  • Guest
Re: WEB SECURITY ALERT
« Reply #2 on: July 17, 2013, 07:25:12 PM »
An intrusion attempt by ...? Norton intercepts it but then AVG finds it too? What's going on?
 

Offline Johnnie F.

Re: WEB SECURITY ALERT
« Reply #3 on: July 17, 2013, 07:37:37 PM »
Quote
Basic summary of how Blackhole works

1.    The customer licenses the Blackhole exploit kit from the authors and specifies various options to customize the kit.
2.    A potential victim loads a compromised web page or opens a malicious link in a spammed email.
3.    The compromised web page or malicious link in the spammed email sends the user to a Blackhole exploit kit server's landing page.
4.    This landing page contains obfuscated JavaScript that determines what is on the victim's computers and loads all exploits to which this computer is vulnerable and sometimes a Java applet tag that loads a Java Trojan horse.
5.    If there is an exploit that is usable, the exploit loads and executes a payload on the victim's computer and informs the Blackhole exploit kit server which exploit was used to load the payload.

Sounds to me, like somebody buys that software, puts it on his website, to get into those peoples' computers who open his website, to spy on them etc. And I thought they do that in America only, Isaan were still safe!
Fun is the one thing that money can't buy
 

sicho

  • Guest
Re: WEB SECURITY ALERT
« Reply #4 on: July 17, 2013, 07:40:10 PM »
I'm still not clear about this. Is it the case that the website owner or Admin. instigates this mischief?
 

Offline Johnnie F.

Re: WEB SECURITY ALERT
« Reply #5 on: July 17, 2013, 07:47:14 PM »
I'm still not clear about this. Is it the case that the website owner or Admin. instigates this mischief?

Unless somebody else hacked into that website and placed that virus, yes! But people, who had boasted before that they can hack into other sites, or are suspected of having hacked other sites and email accounts, can be expected to sufficiently secure their own site from other hackers. Leaves the suspicion of them having placed that virus themselves.
Fun is the one thing that money can't buy
 

sicho

  • Guest
Re: WEB SECURITY ALERT
« Reply #6 on: July 17, 2013, 09:25:10 PM »
Thanks, JF, I've got the picture now.
 

Offline Baby Farts

Re: WEB SECURITY ALERT
« Reply #7 on: July 18, 2013, 10:35:40 AM »
The boy was talking about this last night at The Walrus.  He even made an effort to get on the Pub's PC to check his website.  When he was done using their PC he made the comment, "My website is infected with some virus."

Think about this for a moment.  He used this Pub's PC to access his own website knowing that his website isXXn.com was infected, therefore effectively infecting the PUB's PC too.  Very clever. 

If you knew your website was infected, would you use someone's PC to access the website and infect them too?  That's basically what he did.
 

Offline Baby Farts

Re: WEB SECURITY ALERT
« Reply #8 on: July 18, 2013, 12:10:21 PM »
Quote:

But with programs and you pay people, you can get anything you want!
 

 



Thailand
Statistics