Iframes Injection Trojan Downloader Virus Hacking Sites and Desktops Protection

sitenews / Strategic News Aug 28, 2008 - 12:11 AM GMT

By: Nadeem_Walayat


The Market Oracle web site was hacked on Saturday the 23rd of August 2008 at 10.42am (CST).

The site was down for 5 hours on Saturday. Once we had brought it back online, we set about determining exactly what had brought it down.


Server Glitch or Hack?

Our initial reaction was that some of the site's system files on the server had become corrupted due to a server error. The server has one of the best anti-virus packages installed (Kaspersky), plus mod security and protection against brute force hacking attempts, which together have thus far prevented any successful hacking of the web site for several years.

On investigation we found that the site had definitely been brought down by malicious action rather than a server glitch: code had been injected into some of the site's pages, the aim of which was to redirect visitors to the hacker's own site via iframes.

On realising this we immediately suspended the site whilst we worked out how to cleanse it of the injected code and ascertain who had hacked us and how.

The Market Oracle site system files were replaced from a clean backup, which enabled us to bring the site back online during the 27th of August 08.
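As an added example (not part of the original article or the site's own tooling), this Python scanner sweeps page files for iframes whose source is on another host and flags the invisible ones, which is the form of injected redirect described above. The allow-list, the file suffixes and the sample markup are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from pathlib import Path
from urllib.parse import urlparse

HIDDEN_STYLE = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.I)

class IframeFinder(HTMLParser):
    """Record every iframe whose src points at a host outside the allow-list."""
    def __init__(self, allowed_hosts):
        super().__init__()
        self.allowed = {h.lower() for h in allowed_hosts}
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = {name: (value or "") for name, value in attrs}
        host = (urlparse(a.get("src", "")).hostname or "").lower()
        if not host or host in self.allowed:
            return  # relative (same-site) or explicitly trusted source
        # Injected frames are usually invisible: zero/one pixel or hidden by CSS.
        tiny = any(a.get(d, "").strip().rstrip("px") in ("0", "1")
                   for d in ("width", "height"))
        hidden = tiny or bool(HIDDEN_STYLE.search(a.get("style", "")))
        self.findings.append(
            {"line": self.getpos()[0], "host": host, "hidden": hidden})

def find_offsite_iframes(html, allowed_hosts):
    finder = IframeFinder(allowed_hosts)
    finder.feed(html)
    return finder.findings

def scan_tree(root, allowed_hosts, suffixes=(".html", ".htm", ".php")):
    """Return {path: findings} for every page file under root with a hit."""
    report = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix.lower() in suffixes:
            text = path.read_text(encoding="utf-8", errors="replace")
            hits = find_offsite_iframes(text, allowed_hosts)
            if hits:
                report[str(path)] = hits
    return report

# Constructed sample page: one injected frame, one legitimate same-site frame.
SAMPLE = """<html><body>
<p>Market commentary</p>
<iframe src="http://injected.example/in.htm" width=0 height=0></iframe>
<iframe src="/charts/ftse.html" width="400" height="300"></iframe>
</body></html>"""
```

The scanner only sees literal `<iframe>` markup; frames written out by script will not be found, so a hit list is a triage aid and restoring from a clean backup remains the reliable cleanup.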

Desktops Compromised Not Server

After extensive analysis, we ascertained that the most probable route for the successful hack was a compromised desktop that enabled ftp access onto the server, which implies that the server itself was not directly hacked. The virus most probably arrived via one of the three desktop systems that we use to maintain the web site and, despite the anti-virus software installed, probably did so through a visit to a compromised web site whose owners were unaware that it had been compromised.

We wiped all three computers, which has disrupted our ability to maintain the Market Oracle web site with new content for 4 full days.

Additionally, content updates during the 27th of August were limited as we had suspended ftp access to the server.

Who Hacked Us and Why?

Initially we thought that the hacking was a consequence of our recent articles on the New Cold War brewing over the Russia / Georgia conflict. However, we tracked the source of the virus down to South Korea and further to the Chung-Ang University.

The aim of the attack appears to be to spread a trojan downloader virus that attempts to infect more desktops, with the aim of eventually infecting more web sites via ftp access and thereby propagating itself. Furthermore, the Chung-Ang University source of the virus attempts to download numerous additional viruses onto desktops via the trojan downloader.

Research has revealed that thousands of web sites are being compromised on a daily basis including government web sites, with many of the web sites unaware that they have been compromised. A search for iframe injection reveals the extent of the problem.

Defence Against Iframe-Compromised Websites

Immediate action can be taken to stop the iframe code on compromised websites from executing, by the following procedure:

In Internet Explorer navigate to - Tools - Internet Options - Security Tab - Custom Level

Under Miscellaneous

Launching programs and files in an IFRAME - DISABLE

Navigate sub-frames across different domains - DISABLE

Defence against Hacking / Virus attacks in General

The defence for servers is to ensure ftp access is highly restricted, and to maintain up-to-date anti-virus, mod security and secure permissions, together with server script monitoring that flags any changes to site system files.
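One way to build the change-flagging monitor mentioned above, as an added example rather than the script the site actually runs: it records a SHA-256 baseline of the web root and reports files added, removed or modified since. The function names and command-line usage are assumptions, and the baseline file is assumed to be stored outside the web root, somewhere the ftp account cannot write.

```python
import hashlib
import json
from pathlib import Path

def snapshot(root):
    """Map every file under root (relative POSIX path) to its SHA-256 digest."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*")) if p.is_file()
    }

def compare(baseline, current):
    """Report files added, removed or modified since the baseline was taken."""
    both = baseline.keys() & current.keys()
    return {
        "added": sorted(current.keys() - baseline.keys()),
        "removed": sorted(baseline.keys() - current.keys()),
        "modified": sorted(f for f in both if baseline[f] != current[f]),
    }

def save_baseline(root, baseline_file):
    """Record the known-good state, e.g. straight after restoring a clean backup."""
    Path(baseline_file).write_text(json.dumps(snapshot(root), indent=1))

def check(root, baseline_file):
    """Return the change report; any non-empty list warrants investigation."""
    baseline = json.loads(Path(baseline_file).read_text())
    return compare(baseline, snapshot(root))

if __name__ == "__main__":
    import sys
    # Usage: python integrity.py baseline|check <web_root> <baseline_file>
    mode, web_root, baseline_file = sys.argv[1:4]
    if mode == "baseline":
        save_baseline(web_root, baseline_file)
    else:
        report = check(web_root, baseline_file)
        print(json.dumps(report, indent=1))
        sys.exit(1 if any(report.values()) else 0)
```

Run in `check` mode from a scheduled job, the non-zero exit status gives the scheduler something to alert on; the baseline is re-recorded only after a deliberate, reviewed update to the site files.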

The defence for desktops is to ensure that good anti-virus and anti-malware software is installed, such as Kaspersky. Additionally, AVG offer a free version of their anti-virus that does not expire. Purchasing a good anti-virus package for $30 to $60 is probably the best investment you will make.

Regular Backups

This experience also illustrates the importance of making regular backups of system files and data. In this age of cheap removable storage this is no longer a time-consuming exercise, as a monthly backup can be completed within a matter of minutes.

What if you are already infected?

Then it's probably too late to install an anti-virus package after your system has become infected.

The best course of action is usually to wipe the desktop and restore from a backup. If you do not have a backup then you should copy your documents / data before performing a fresh install, and ensure you run a full anti-virus scan on your data before you access it.

By Nadeem Walayat
http://www.marketoracle.co.uk

Copyright © 2005-08 Marketoracle.co.uk (Market Oracle Ltd). All rights reserved.

Nadeem Walayat has over 20 years experience of trading, analysing and forecasting the financial markets, including one of few who both anticipated and Beat the 1987 Crash. Nadeem is the Editor of The Market Oracle, a FREE Daily Financial Markets Analysis & Forecasting online publication. We present in-depth analysis from over 150 experienced analysts on a range of views of the probable direction of the financial markets. Thus enabling our readers to arrive at an informed opinion on future market direction. http://www.marketoracle.co.uk



Comments

Simon Lawrence
29 Aug 08, 03:05
Checking your desktop

Hi,

I run AVG on both my home computers. One of them did block an attempt to download a Trojan through javascript from your site while it was compromised. The other did not report anything at all and I probably visited your site during the same day with that machine. AVG on both machines now report clean scans. In your opinion are both computers likely to be clean? If not, what specifically should I look out for?

Also how is the book coming along? I look forward to reading on its completion.

Simon Lawrence


Nadeem_Walayat
29 Aug 08, 11:12
AVG

Hi

Reboot into safe mode and run a full scan.

The book is on hold, I literally have a mountain of work to get through, no time for the luxury of finishing a book, maybe sometime next year.

Best.

NW

