Iframes Injection Trojan Downloader Virus Hacking Sites and Desktops Protection

Aug 28, 2008 - 12:11 AM GMT

By: Nadeem_Walayat

The Market Oracle web site was hacked on Saturday the 23rd of August 2008 at 10.42am (CST).

The site was down for 5 hours on Saturday. Once we had brought it back online, we set out to determine exactly what had happened to bring the site down.


Server Glitch or Hack?

Our initial reaction was that some of the site's system files on the server had become corrupted due to a server error. The server has one of the best anti-virus packages installed (Kaspersky), plus mod security and protection against brute force hacking attempts, which have thus far prevented any successful hacking of the web site for several years.

On investigation we found that the site was definitely brought down by malicious action rather than a server glitch: code had been injected into some of the site's pages, the aim of which was to redirect visitors to the hackers' own site via iframes.

On realizing this we immediately suspended the site whilst we worked out how to cleanse the site of injected code and ascertain who hacked us and how.

The Market Oracle site system files were replaced from a clean backup, which enabled us to bring the site back online during the 27th of August 08.

Desktops Compromised Not Server

After extensive analysis, we managed to ascertain that the most probable route for the successful hack was via a compromised desktop that enabled FTP access onto the server, which implies that the server itself was not directly hacked. The most probable route of the virus was via one of the three desktop systems that we use to maintain the web site. Despite anti-virus software being installed, the route was probably via visiting a compromised web site whose owners were unaware that it had been compromised.

We wiped all three computers, which has disrupted our ability to maintain the Market Oracle web site with new content for 4 full days.

Additionally, content updates during the 27th of August were limited as we suspended FTP access to the server.

Who Hacked Us and Why?

Initially we thought that the hacking was a consequence of our recent articles on the New Cold War brewing over the Russia / Georgia conflict. However, we tracked the source of the virus down to South Korea and further to the Chung-Ang University.

The aim of the attack appears to be to spread a trojan downloader virus that attempts to infect more desktops, with the aim of eventually infecting more web sites via FTP access and thereby propagating itself. Furthermore, the Chung-Ang University source of the virus attempts to download numerous additional viruses via the trojan downloader onto desktops.

Research has revealed that thousands of web sites are being compromised on a daily basis including government web sites, with many of the web sites unaware that they have been compromised. A search for iframe injection reveals the extent of the problem.

Defence Against Iframe-Compromised Websites

Immediate action can be taken to prevent iframe-compromised websites from executing the code within iframes, by the following procedure:

In Internet Explorer navigate to Tools - Internet Options - Security Tab - Custom Level

Under Miscellaneous

Launching programs and files in an IFRAME - DISABLE

Navigate sub-frames across different domains - DISABLE

Defence Against Hacking / Virus Attacks in General

The defence for servers is to ensure FTP access is highly restricted, and to maintain up-to-date anti-virus, mod security and secure permissions, along with server script monitoring that flags any changes to site system files.

The defence for desktops is to ensure that good anti-virus and anti-malware software is installed, such as Kaspersky. Additionally, AVG offer a free version of their anti-virus that does not expire. Purchasing a good anti-virus package for $30 to $60 is probably the best investment you will make.

Regular Backups

This experience also illustrates the importance of making regular backups of system files and data. In this age of cheap removable storage this is no longer a time consuming exercise when a monthly backup can be completed within a matter of minutes.

What if you are already infected?

Then it's probably too late to install an anti-virus package after your system has become infected.

The best course of action is usually to wipe the desktop and restore from a backup. If you do not back up, then you should copy your documents / data before performing a fresh install, and ensure you run a full anti-virus scan on your data before you access it.

By Nadeem Walayat
http://www.marketoracle.co.uk

Copyright © 2005-08 Marketoracle.co.uk (Market Oracle Ltd). All rights reserved.

Nadeem Walayat has over 20 years experience of trading, analysing and forecasting the financial markets, including one of few who both anticipated and Beat the 1987 Crash. Nadeem is the Editor of The Market Oracle, a FREE Daily Financial Markets Analysis & Forecasting online publication. We present in-depth analysis from over 150 experienced analysts on a range of views of the probable direction of the financial markets. Thus enabling our readers to arrive at an informed opinion on future market direction. http://www.marketoracle.co.uk


Comments

Simon Lawrence
29 Aug 08, 03:05
Checking your desktop

Hi,

I run AVG on both my home computers. One of them did block an attempt to download a Trojan through javascript from your site while it was compromised. The other did not report anything at all and I probably visited your site during the same day with that machine. AVG on both machines now report clean scans. In your opinion are both computers likely to be clean? If not, what specifically should I look out for?

Also how is the book coming along? I look forward to reading on its completion.

Simon Lawrence


Nadeem_Walayat
29 Aug 08, 11:12
AVG

Hi

Reboot into safe mode and run a full scan.

The book is on hold, I literally have a mountain of work to get through, no time for the luxury of finishing a book, maybe sometime next year.

Best.

NW

