Legitimate Web sites continue to be infected
Erik Larkin at PC World reports that legitimate Web sites around the world are continuing to be infected by an exploit called “SQL injection”. Visiting one of these sites will cause malware to be downloaded to your computer if it is not properly defended. JavaScript is used in these attacks so the various posts I have made about scripting apply. Your biggest danger is if one of your trusted sites gets infected. For example, the National Health Service in the UK was hit so you can’t be sure about anything.
Larkin suggests a way to check if a site has the malware lurking in the HTML for its pages. It relies on Google doing frequent updates of its database and consists of searching with Google to detect one of three JavaScript files that do the dirty work. The recommended Google searches are:
- site:somedomain “b.js”
- site:somedomain “ngg.js”
- site:somedomain “fgg.js”
For example, to search “vlaurie.com”, the query is
and so forth. Don’t forget the “site:” in front of the domain you want to check. Additional information is available at the security site Finjan.com
Did you enjoy this post? Why not leave a comment below and continue the conversation, or subscribe to my feed and get articles like this delivered automatically to your feed reader.
Comments
No comments yet.
Sorry, the comment form is closed at this time.