D
DelJo63
Computerworld, March 13, 2008 (Computerworld) reports:
DEFENSE
1- IE users have the tools->options->Security Settings tab to [x] prompt for IFRAMES
2- instead of using any site hosted Search tool;
copy the domain portion of the URL without the http:// COPY just www.google.com
and use google search, eg in the google keyword search box,
enter
(2) may not always work for low traffic sites as google may not have crawled the contents.
www.google.com
Likely relying on an automated tool to do the dirty work, the hackers add IFrame code to the saved search results on the sites,
Greenbaum said. The next visitor that uses the search tool is then redirected to another Web site
by the IFrame code. The second site in turn puts up a message telling the user that a new codec (coder/decoder) needs to be installed.
Accepting the codec takes the user to still another site, which actually hosts the malware --
a new variant of the Zlob Trojan horse -- and installs it on the victim's PC.
Danchev listed more than 20 sites that together account for more than 401,000 IFrame-injected pages.
The sites include high-profile sites such as the North Carolina State University library,
the U.S. Administration on Aging and the U.S. government's Medicare program,
as well as questionable sites such as BitTorrent sites hosting pirated software and other content.
the full article is hereDEFENSE
1- IE users have the tools->options->Security Settings tab to [x] prompt for IFRAMES
2- instead of using any site hosted Search tool;
copy the domain portion of the URL without the http:// COPY just www.google.com
and use google search, eg in the google keyword search box,
enter
site:the domain
and then add your search terms
eg site:www.google.com my search terms(2) may not always work for low traffic sites as google may not have crawled the contents.
www.google.com
Last edited by a moderator: