Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware script questions


  • Please log in to reply
1 reply to this topic

#1 JC74

JC74

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:05:05 PM

Posted 22 April 2009 - 10:05 PM

Hi,

I am a web designer, and one of my clients' websites got hit by malware script. Some strange VB script was added to the index page. I have removed the script, and the site is up and running again. But I have couple questions regarding malware script and hope some of you could kindly provide me some answers.

1. How did malware script get added to the site? A programmer told me it picks site randomly and adds the script to it.

2. How can I prevent the website from getting hit by malware script again?

Any help appreciated, thanks!

J

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,484 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:05 PM

Posted 23 April 2009 - 02:05 PM

Virus writers and attackers use various methods and techniques to spread malware.

A large number of infections spread via Internet Relay Chat, by visiting underground web pages, adult, gaming or pirated software sites, and by using peer-to-peer (P2P) file sharing programs which are a security risk that can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such sites may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The infection also spreads through emails containing links to websites that exploit your web browser’s security holes and by exploiting a vulnerability in older versions of Sun Java. When you click on an infected email link or spam, Internet Explorer launches a site that stealthy installs a Trojan so that it can run every time you startup Windows and download more malicious files. For more detail on how these types of rogue programs and infections install themselves, read:Other types of infections spread by visiting malicious and legitimate web sites that have been compromised through various hacking techniques to include the use of malicious code and exploitation of Browser/Operating System vulnerabilities.

...More than 90 percent of these webpages belong to legitimate sites that have been compromised through hacking techniques such as SQL Injection...Hackers are apparently planting viruses into websites instead of attaching them to email. Users without proper security in place get infected by simply clicking on these webpages.

One webpage gets infected by virus every 5 seconds
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users