Thursday, June 4, 2009

Is your Website Infected?

This week a new round of JavaScript injections is infecting legitimate websites. The active exploit site uses a name similar to the Google Analytics domain (google-analytics.com), which provides website statistics services to webmasters.

If a user loads a site carrying the injected code, they get passed on to a site that tries to exploit Internet Explorer or Firefox vulnerabilities to infect the user's computer with malware. If the false site can't find a browser vulnerability, it tries to trick the user into downloading a Trojan.

All webmasters should check their sites regularly for code they know shouldn't be there.
Most injection exploits can be found in the head section or just before the closing body tag of your web pages.

They are almost always JavaScript and can contain an iframe.
If you're using any scripts that accept user input in forms, guestbooks, etc., be sure to secure them. Escaping characters is essential.
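One way to automate the check described above, as an added example that is not code from the original post: it lists every script or iframe tag that loads from a host outside an allowlist and marks near matches to a trusted name as lookalikes. `TRUSTED_HOSTS`, the sample page, the `.example` host names and the 0.75 similarity threshold are all assumptions made for illustration.

```python
import difflib
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: the third-party hosts this site intentionally loads from.
TRUSTED_HOSTS = {"www.google-analytics.com", "google-analytics.com"}

# Constructed sample page; the .example hosts are placeholders, not real indicators.
SAMPLE = """<html><head>
<script src="http://www.google-analytics.com/ga.js"></script>
<script src="/js/site.js"></script>
</head><body><p>Hello</p>
<iframe src="http://stats.example.net/in.html" width="0" height="0"></iframe>
<script src="http://www.google-analytlcs.example/ga.js"></script>
</body></html>"""

def classify(host):
    """Return 'trusted', 'lookalike' or 'unknown' for a third-party host."""
    host = host.lower().rstrip(".")
    if host in TRUSTED_HOSTS:
        return "trusted"
    for good in TRUSTED_HOSTS:
        # Heuristic: a near match to a trusted name deserves a closer look.
        if difflib.SequenceMatcher(None, host, good).ratio() >= 0.75:
            return "lookalike"
    return "unknown"

class InjectionScanner(HTMLParser):
    """Collects script/iframe tags that load from hosts outside the allowlist."""
    def __init__(self):
        super().__init__()
        self.findings = []   # (line, tag, host, verdict)

    def handle_starttag(self, tag, attrs):
        if tag not in ("script", "iframe"):
            return
        src = dict(attrs).get("src") or ""
        host = urlparse(src).hostname   # None for relative (same-site) URLs
        if host and classify(host) != "trusted":
            self.findings.append((self.getpos()[0], tag, host, classify(host)))

def scan(html):
    """Return findings for one page, in document order."""
    scanner = InjectionScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

Run it over the files on the server rather than pages fetched through a browser, and treat every finding as a prompt to compare the page against a known-good copy.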

There are always going to be new exploits. Antivirus companies, software developers, Microsoft, Apple and the rest all try to patch these exploits, but it's really up to users to be sure they are secure.
