Password-stealing hackers infect thousands of Web pages

[ronjor]

Quote:

San Francisco - Hackers looking to steal passwords used in popular online games have infected more than 10,000 Web pages in recent days.

Story

[ccsito]

Just think of it like going to a hotel room. You are using something that others have used before. You never know what you will pick up.

[Dorn]

wow if they can infect the trend micro website then the trend are not so good at giving protection.
I remember someone said that they had the best antivirus but it doesnt seem so

[innerpeace]

Quote:

Originally Posted by Dorn

wow if they can infect the trend micro website then the trend are not so good at giving protection.
I remember someone said that they had the best antivirus but it doesnt seem so

The quality of an AV has nothing to do with a hacked website. This is becoming a very common occurrence and it's happened to other security sites as well.

From the article:

Quote:

The attack code takes advantage of bugs that have already been patched, so users whose software is up-to-date are not at risk. However, McAfee warns that some of the exploits are for obscure programs such as ActiveX controls for online games, which users may not think to patch.

If you keep everything up to date, then you have nothing to worry about .

[Hermescomputers]

I agree with innerpeace, the quality of an AV has nothing to do with hacked web sites...
They are looking for vulnerable php scripts or others like ajax or Java... so be on the lookout when you build web sites that you update the scripts you use to add value features... That is what they are looking to exploit!

Unfortunately many developers build in the features but never update the scripts to keep them secure... There lies the vulnerability! Also very few web sites have technology to monitor hacks to script engines for their sites... it's technically complex so most never bother... It can also be expensive bandwidth wise and most due to a lack of understanding delegate the security to the Web server security instead of monitoring the sites themselves for code injections or SQL injections via vulnerable bi directional scripted gateways.

Typically the hackers will use web crawlers, and spiders practically identical to those used by search engines to craw a web site to build and profile all vulnerable scripts it can find then it attacks them with code injections... sometimes it will do so blindly without even scanning... I guess not all hackers are created equal.

For example yesterday I had a hacker trying to inject code into one of my web sites. 8 code injections attacks in total from 4 different countries... (All the same hacker probably).

He was scanning for the following vulnerable scripts:

Here is a small but very fresh sample of what they are usually looking for:

Webmasters You could be at risk if you run one of these scripts :
ActiveCalendar / ActiveKB / Artmedic CMS / Bubbling Library / Dayfox Blog / eNetman / ISS Proventia GX5008 / ISS Proventia GX5108 / L2J Statistik Script / Minki / PHPDJ / Synergiser / Verlihub Control Panel / ZPanel

[cheater87]

Will Noscript and Firefox with adblock plus stop this? Noscript has an option to block web bugs.

[Hermescomputers]

Quote:

Originally Posted by cheater87

Will Noscript and Firefox with adblock plus stop this? Noscript has an option to block web bugs.

Well.. If you mean the examples I produced in my previous post, no as these are scripts on web servers within the sites themselves. The hacks the scans are seeking to inject in this case are in those sites Not on your pc. However as far as you browsing to a site with the exploit active, then yes Noscrip should be able to protect you given that you do not enable the scripts with the hacks. Unfortunately it is difficult to juge which scripts to allow simply based on a visit. One must be able to recognize a hack from a legitimate script to allow it safely...

This is why I recommend the trio Firefox w/NoScript + Linkscanner Pro + SiteAdvisor as they sort of complement each others as well as work as a fail safe mechanism when one may miss a bad script the other might catch it...