Iframe / Virus in Website Pages, How to Fix Iframe issue

The reason why this virus comes is only because of the either of the following :

1) You have a weak 7 vulnerable code on your website which is exploited by a hacker.
2) Your ftp password is weak and generally a dictionary word which is cracked by brute force attempts.

How Iframe Virus Works?
The hackers behind this have not actually “hacked” into servers, but are using the Webs OWN programming errors to inject this code into search results pages created by the Web sites OWN internal search engines!

The hacker searches for popular keywords, like “furniture” on the Wal-Mart Web site using its internal search engine. But instead of running a normal search, the (hacker?) adds on an HTML command to the end of his search string. HTML = hyper text markup Language…the stuff we write websites with mainly.
This command then opens up an invisible “iframe” window in the victims browser which then redirects to a malicious Web site, which then (if successful) installs fake antispyware or a version of the “Zlob Trojan Horse” – a malware on the victims (meaning YOU) PC.

And hear this! These (hackers) actually have great Google rankings!!
In order to boost their Google rankings, Web sites often save a copy of these search results and submit them to Google. When a victim searches Google for the keyword, these cached search results then pop up, with the malicious code now inside them.

How the hack is done?
Client side PC infected with virus.
Virus gets FTP username/password from the FTP clients.
Using the username/password, the virus downloads the index files, add iframe code it and re-uploads it.
The iframe code points to the same virus. So, anyone accessing this website gets infected with the same virus, and it uses the FTP username/password to spread again!!!!

Solutions #

1) Ensure that your code is free from such kind of vulnerabilities.
2) Change all the ftp passwords and keep them safe & a combination of alpha + numbers + special characters like ^%$@^#%
3) Before updating the new password in their FTP clients, advise them to do a full system Virus scan with a reliable virus scanner updated with the latest virus definition files.
4) Advise the clients not to save ( remember ) the FTP username/password on FTP clients.

Author: Tanuj

Advertisements

2 Comments

  1. Polprav said,

    October 16, 2009 at 1:06 pm

    Hello from Russia!
    Can I quote a post in your blog with the link to you?

    • Chandra Sekar Vinod Kumar said,

      February 6, 2010 at 7:05 am

      sure


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: