Iframes Injection Trojan Downloader Virus Hacking Sites and Desktops Protection

sitenews / Strategic News Aug 28, 2008 - 12:11 AM GMT

By: Nadeem_Walayat


The Market Oracle web site was hacked on Saturday the 23rd of August 2008 at 10.42am (CST).

The site was down for 5 hours on Saturday. After bringing it back online, we attempted to determine exactly what had happened to bring it down.


Server Glitch or Hack?

Our initial reaction was that some of the site's system files on the server had become corrupted due to a server error. The server has one of the best anti-virus packages installed (Kaspersky), plus mod security and protection against brute-force hacking attempts, which have so far prevented any successful hacking of the web site for several years.

On investigation we found that the site was definitely brought down by malicious action rather than a server glitch: code had been injected into some of the site's pages, the aim of which was to redirect visitors to the hacker's own site via iframes.

On realizing this we immediately suspended the site whilst we worked out how to cleanse it of the injected code and ascertain who hacked us and how.

The Market Oracle site system files were replaced from a clean backup, which enabled us to bring the site back online during the 27th of August 08.

Desktops Compromised Not Server

After extensive analysis, we ascertained that the most probable route for the successful hack was a compromised desktop that enabled ftp access onto the server, which implies that the server itself was not directly hacked. The virus most probably arrived via one of the three desktop systems that we use to maintain the web site, and despite the anti-virus software installed, the infection probably came from visiting a compromised web site whose owners were unaware that it had been compromised.

We wiped all three computers, which disrupted our ability to update the Market Oracle web site with new content for 4 full days.

Additionally, content updates during the 27th of August were limited as we suspended ftp access to the server.

Who hacked us and Why?

Initially we thought that the hacking was a consequence of our recent articles on the New Cold War brewing over the Russia / Georgia conflict. However we tracked the source of the virus down to South Korea and further to the Chung-Ang University.

The aim of the attack appears to be to spread a trojan downloader virus that attempts to infect more desktops, with the aim of eventually infecting more web sites via ftp access and thereby propagating itself. Furthermore, the Chung-Ang University source of the virus attempts to download numerous additional viruses onto desktops via the trojan downloader.

Research has revealed that thousands of web sites are being compromised on a daily basis including government web sites, with many of the web sites unaware that they have been compromised. A search for iframe injection reveals the extent of the problem.

Defence Against Iframes compromised Websites

You can immediately prevent websites compromised with injected iframe code from executing that code by the following procedure:

In Internet Explorer navigate to Tools - Internet Options - Security Tab - Custom Level

Under Miscellaneous

Launching programs and files in an IFRAME - DISABLE

Navigate sub-frames across different domains - DISABLE

Defence against Hacking / Virus attacks in General

The defence for servers is to ensure ftp access is highly restricted, and to maintain up-to-date anti-virus, mod security and secure permissions, as well as server script monitoring that flags any changes to site system files.
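
One way to implement the change monitoring described above, as an added example rather than the script Market Oracle runs: it compares the site's files against SHA-256 hashes taken from a known-clean copy and lists any off-site iframe found in a changed page. The function names, the sample pages and the `injected.example` host are constructed for illustration.

```python
import hashlib
import re
import tempfile
from pathlib import Path
from urllib.parse import urlparse

# src attribute of any <iframe> tag, quoted or unquoted
IFRAME_SRC = re.compile(r"<iframe\b[^>]*?\bsrc\s*=\s*[\"']?([^\"'\s>]+)", re.I)

def snapshot(root):
    """Map each file path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in root.rglob("*") if p.is_file()}

def offsite_iframes(html, own_hosts):
    """Return iframe src values that point at a host other than our own."""
    hosts = ((src, urlparse(src).hostname) for src in IFRAME_SRC.findall(html))
    # hostname is None for relative (same-site) URLs, which are not flagged
    return [src for src, host in hosts if host and host not in own_hosts]

def audit(baseline, root, own_hosts):
    """Report files added, removed or modified since the clean baseline."""
    current, report = snapshot(root), {}
    for path in sorted(set(baseline) | set(current)):
        if baseline.get(path) == current.get(path):
            continue
        if path not in current:
            report[path] = ("removed", [])
            continue
        status = "modified" if path in baseline else "added"
        text = (Path(root) / path).read_text(errors="replace")
        report[path] = (status, offsite_iframes(text, own_hosts))
    return report

def demo():
    """Constructed sample site in which one page gains an injected iframe."""
    with tempfile.TemporaryDirectory() as site:
        page = Path(site, "index.html")
        page.write_text('<body><iframe src="/charts/gold.html"></iframe></body>')
        Path(site, "about.html").write_text("<body>About</body>")
        baseline = snapshot(site)  # taken while the site is known to be clean
        page.write_text(page.read_text().replace(
            "</body>", '<iframe src="http://injected.example/x" width=0></iframe></body>'))
        return audit(baseline, site, own_hosts={"www.marketoracle.co.uk"})

if __name__ == "__main__":
    print(demo())
```

Store the baseline somewhere the ftp account cannot write to, otherwise whoever alters the pages can alter the hashes as well.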

The defence for desktops is to ensure that good anti-virus and anti-malware software is installed, such as Kaspersky. Additionally, AVG offer a free version of their anti-virus that does not expire. Purchasing a good anti-virus package for $30 to $60 is probably the best investment you will make.

Regular Backups

This experience also illustrates the importance of making regular backups of system files and data. In this age of cheap removable storage this is no longer a time consuming exercise when a monthly backup can be completed within a matter of minutes.

What if you are already infected?

Then it's probably too late to install an anti-virus package after your system has become infected.

The best course of action is usually to wipe the desktop and restore from a backup. If you do not backup then you should copy your documents / data before performing a fresh install, and ensure you run a full anti-virus scan on your data before you access it.

By Nadeem Walayat
http://www.marketoracle.co.uk

Copyright © 2005-08 Marketoracle.co.uk (Market Oracle Ltd). All rights reserved.

Nadeem Walayat has over 20 years experience of trading, analysing and forecasting the financial markets, including one of few who both anticipated and Beat the 1987 Crash. Nadeem is the Editor of The Market Oracle, a FREE Daily Financial Markets Analysis & Forecasting online publication. We present in-depth analysis from over 150 experienced analysts on a range of views of the probable direction of the financial markets. Thus enabling our readers to arrive at an informed opinion on future market direction. http://www.marketoracle.co.uk

Disclaimer: The above is a matter of opinion provided for general information purposes only and is not intended as investment advice. Information and analysis above are derived from sources and utilising methods believed to be reliable, but we cannot accept responsibility for any trading losses you may incur as a result of this analysis. Individuals should consult with their personal financial advisors before engaging in any trading activities.



Comments

Simon Lawrence
29 Aug 08, 03:05
Checking your desktop

Hi,

I run AVG on both my home computers. One of them did block an attempt to download a Trojan through javascript from your site while it was compromised. The other did not report anything at all and I probably visited your site during the same day with that machine. AVG on both machines now report clean scans. In your opinion are both computers likely to be clean? If not, what specifically should I look out for?

Also how is the book coming along? I look forward to reading on its completion.

Simon Lawrence


Nadeem_Walayat
29 Aug 08, 11:12
AVG

Hi

Reboot into safe mode and run a full scan.

The book is on hold, I literally have a mountain of work to get through, no time for the luxury of finishing a book, maybe sometime next year.

Best.

NW

