Best of the Week
Most Popular
1. 2019 From A Fourth Turning Perspective - James_Quinn
2.Beware the Young Stocks Bear Market! - Zeal_LLC
3.Safe Havens are Surging. What this Means for Stocks 2019 - Troy_Bombardia
4.Most Popular Financial Markets Analysis of 2018 - Trump and BrExit Chaos Dominate - Nadeem_Walayat
5.January 2019 Financial Markets Analysis and Forecasts - Nadeem_Walayat
6.Silver Price Trend Analysis 2019 - Nadeem_Walayat
7.Why 90% of Traders Lose - Nadeem_Walayat
8.What to do With Your Money in a Stocks Bear Market - Stephen_McBride
9.Stock Market What to Expect in the First 3~5 Months of 2019 - Chris_Vermeulen
10.China, Global Economy has Tipped over: The Surging Dollar and the Rallying Yen - FXCOT
Last 7 days
Risk/Reward in Silver Favors Buying Now, Not Waiting for Big Moves - 23rd Mar 19
Similarities Between Stock Market Today and Previous Bull Market Tops - 23rd Mar 19
Stock Market DOW Seasonal Trend Analysis - 23rd Mar 19
US Dollar Breakdown on Fed Was Much Worse Than It Looks - 23rd Mar 19
Gold Mid-Tier GDXJ Stocks Fundamentals - 23rd Mar 19
Which Currency Pairs Stand to Benefit from Prevailing Risk Aversion? - 23rd Mar 19
If You Get These 3 Things Right, You’ll Never Have to Worry About Money - 22nd Mar 19
March 2019 Cryptocurrency Technical Analysis - 22nd Mar 19
Turkey Tourist Fakes Market Bargains Haggling Top Tips - 22nd Mar 19
Next Recession: Finding A 48% Yield Amid The Ruins - 22nd Mar 19
Your Future Stock Returns Might Unpleasantly Surprise You - 22nd Mar 19
Fed Acknowledges “Recession Risks”. Run for the Hills! - 22nd Mar 19
Will Bridging Loans Grow in Demand and Usage in 2019? - 22nd Mar 19
Does Fed Know Something Gold Investors Do Not Know? - 21st Mar 19
Gold …Some Confirmations to Watch For - 21st Mar 19
UKIP No Longer About BrExit, Becomes BNP 2.0, Muslim Hate Party - 21st Mar 19
A Message to the Gold Bulls: Relying on the CoT Gives You A False Sense of Security - 20th Mar 19
The Secret to Funding a Green New Deal - 20th Mar 19
Vietnam, Part I: Colonialism and National Liberation - 20th Mar 19
Will the Fed Cut its Interest Rate Forecast, Pushing Gold Higher? - 20th Mar 19
Dow Jones Stock Market Topping Pattern - 20th Mar 19
Gold Stocks Outperform Gold but Not Stocks - 20th Mar 19
Here’s What You’re Not Hearing About the US - China Trade War - 20th Mar 19
US Overdosing on Debt - 19th Mar 19
Looking at the Economic Winter Season Ahead - 19th Mar 19
Will the Stock Market Crash Like 1937? - 19th Mar 19
Stock Market VIX Volaility Analysis - 19th Mar 19
FREE Access to Stock and Finanacial Markets Trading Analysis Worth $1229! - 19th Mar 19
US Stock Markets Price Anomaly Setup Continues - 19th Mar 19
Gold Price Confirmation of the Warning - 18th Mar 19
Split Stock Market Warning - 18th Mar 19
Stock Market Trend Analysis 2019 - Video - 18th Mar 19
Best Precious Metals Investment and Trades for 2019 - 18th Mar 19
Hurdles for Gold Stocks - 18th Mar 19
Pento: Coming QE & Low Rates Will Be ‘Rocket Fuel for Gold’ - 18th Mar 19
"This is for Tommy Robinson" Shouts Knife Wielding White Supremacist Terrorist in London - 18th Mar 19
This Is How You Create the Biggest Credit Bubble in History - 17th Mar 19
Crude Oil Bulls - For Whom the Bell Tolls - 17th Mar 19
Gold Mining Stocks Fundamentals - 17th Mar 19
Why Buy a Land Rover - Range Rover vs Huge Tree Branch Falling on its Roof - 17th Mar 19
UKIP Urged to Change Name to BNP 2.0 So BrExit Party Can Fight a 2nd EU Referendum - 17th Mar 19
Tommy Robinson Looks Set to Become New UKIP Leader - 16th Mar 19
Gold Final Warning: Here Are the Stunning Implications of Plunging Gold Price - 16th Mar 19
Towards the End of a Stocks Bull Market, Short term Timing Becomes Difficult - 16th Mar 19
UKIP Brexit Facebook Groups Reveling in the New Zealand Terror Attacks Blaming Muslim Victims - 16th Mar 19
Gold – US Dollar vs US Dollar Index - 16th Mar 19
Islamophobic Hate Preachers Tommy Robinson and Katie Hopkins have Killed UKIP and Brexit - 16th Mar 19
Countdown to The Precious Metals Gold and Silver Breakout Rally - 15th Mar 19
Shale Oil Splutters: Brent on Track for $70 Target $100 in 2020 - 15th Mar 19
Setting up a Business Just Got Easier - 15th Mar 19
Stock Market Elliott Wave Analysis Trend Forercast - Video - 15th Mar 19
Gold Warning - Here Are the Stunning Implications of Plunging Gold Price - Part 1 - 15th Mar 19
UK Weather SHOCK - Trees Dropping Branches onto Cars in Stormy Winds - Sheffield - 15th Mar 19
Best Time to Trade Forex - 15th Mar 19
Why the Green New Deal Will Send Uranium Price Through the Roof - 14th Mar 19
S&P 500's New Medium-Term High, but Will Stock Market Uptrend Continue? - 14th Mar 19
US Conservatism - 14th Mar 19
Gold in the Age of High-speed Electronic Trading - 14th Mar 19
Britain's Demographic Time Bomb Has Gone Off! - 14th Mar 19
Why Walmart Will Crush Amazon - 14th Mar 19
2019 Economic Predictions - 14th Mar 19
Tax Avoidance Bills Sent to Thousands of Workers - 14th Mar 19

Market Oracle FREE Newsletter

Stock Market Trend Forecast March to September 2019

Iframes Injection Trojan Downloader Virus Hacking Sites and Desktops Protection

sitenews / Strategic News Aug 28, 2008 - 12:11 AM GMT

By: Nadeem_Walayat

sitenews

Best Financial Markets Analysis ArticleThe Market Oracle web site was the victim of being hacked on Saturday the 23rd of August 2008 at 10.42am (CST)

The site was brought down for 5 hours on Saturday, following which we managed to bring the site back online, following which we attempted to determine exactly what had happened to bring the site down.


Server Glitch or Hack ?

Our initial reaction was that some of the sites system files on the server had become corrupted due to a server error as the server has one of the best anti-virus packages installed (Kaspersky) , and additional mod security and protection against brute force hacking attempts that have thus far prevented any successful hacking of the web site for several years.

On investigation of what had happened we found that the site was definitely brought down as a consequence of malicious action rather than a server glitch as we found code had been injected into some of the sites pages the aim of which was to redirect visitors to the hackers own site via iframes.

On the realization of this we immediately suspended the site whilst we worked on how to cleanse the site of injected code and ascertain who hacked us and how.

The Market Oracle site system files were replaced from a clean back up which enabled us to bring the site back online during the 27th of August 08.

Desktops Compromised Not Server

After extensive analysis, we managed to ascertain that the most probable route for the successful hack was via a compromised desktop that enabled ftp access onto the server, therefore this implies that the server itself was not directly hacked. The most probable route of the virus was via one of the three desktop systems that we use to maintain the web site, and that despite anti-virus software installed the route was probably via visiting a compromised web site that was unaware of the fact that they had been compromised.

We took the action to wipe all three computers which has disrupted our ability to maintain the Market Oracle web site with new content for 4 full days.

Additionally content update during 27th of August was limited as we suspended ftp access to the server.

Who hacked us and Why ?

Initially we thought that the hacking was a consequence of our recent articles on the New Cold War brewing over the Russia / Georgia conflict. However we tracked the source of the virus down to South Korea and further to the Chung-Ang University.

The aim of the attack appears to be to spread a trojan dowloader virus that attempts to infect more desktops with the aim to eventually infect more web sites via ftp access and therefore propagating itself. Furthermore the Chung-Ang University source of the virus attempts to download numerous additional viruses via the trojan downloader onto desktops.

Research has revealed that thousands of web sites are being compromised on a daily basis including government web sites, with many of the web sites unaware that they have been compromised. A search for iframe injection reveals the extent of the problem.

Defence Against Iframes compromised Websites

Immediate action can be taken to prevent iframes code compromised websites from executing the code within iframes by the following procedure -

In internet explorer navigate to - Tools - Internet Options - Security Tab - Custom Level

Under Miscellaneous

Launching programs and files in an IFRAME - DISABLE

Navigate sub-frames across different domains - DISABLE

Defence against Hacking / Virus attacks in General

The defence for servers is to ensure ftp access is highly restricted, as well as maintaining up to date anti-virus, mod security and secure permissions as well as server script monitoring that flags any changes to site system files.

The defence for desktops is to ensure that good anti-virus and anti-malware software is installed such Kaspersky. Additionally AVG offer a free version of their anti-virus that does not expire. Purchasing an good anti-virus package for $30 to $60 is probably the best investment you will make.

Regular Backups

This experience also illustrates the importance of making regular backups of system files and data. In this age of cheap removable storage this is no longer a time consuming exercise when a monthly backup can be completed within a matter of minutes.

What if you are already infected ?

Then its probably too late to install an anti-virus package after your system has become infected.

The best course of action is usually to wipe the desktop and restore from a backup. If you do not backup then you should copy your documents / data before performing a fresh install, and ensure you run a full anti-virus scan on your data before you access it.

By Nadeem Walayat
http://www.marketoracle.co.uk

Copyright © 2005-08 Marketoracle.co.uk (Market Oracle Ltd). All rights reserved.

Nadeem Walayat has over 20 years experience of trading, analysing and forecasting the financial markets, including one of few who both anticipated and Beat the 1987 Crash. Nadeem is the Editor of The Market Oracle, a FREE Daily Financial Markets Analysis & Forecasting online publication. We present in-depth analysis from over 150 experienced analysts on a range of views of the probable direction of the financial markets. Thus enabling our readers to arrive at an informed opinion on future market direction. http://www.marketoracle.co.uk

Disclaimer: The above is a matter of opinion provided for general information purposes only and is not intended as investment advice. Information and analysis above are derived from sources and utilising methods believed to be reliable, but we cannot accept responsibility for any trading losses you may incur as a result of this analysis. Individuals should consult with their personal financial advisors before engaging in any trading activities.

Nadeem Walayat Archive

© 2005-2019 http://www.MarketOracle.co.uk - The Market Oracle is a FREE Daily Financial Markets Analysis & Forecasting online publication.


Comments

Simon Lawrence
29 Aug 08, 03:05
Checking your desktop

Hi,

I run AVG on both my home computers. One of them did block an attempt to download a Trojan through javascript from your sight while it was compromised. The other did not report anything at all and i probably visited your site during the same day with that machine. AVG on both machines now report clean scans. In your opinion are both computers likely to be clean? If not what specifically should i look out for.

Also how is the book coming along? I look forward to reading on its completion.

Simon Lawrence


Nadeem_Walayat
29 Aug 08, 11:12
AVG

Hi

Reboot into safemode and run a full scan.

The book is on hold, I literally have a mountain of work to get through, no time for the luxury of finishing a book, maybe sometime next year.

Best.

NW


Post Comment

Only logged in users are allowed to post comments. Register/ Log in

6 Critical Money Making Rules