Iframes Injection Trojan Downloader Virus Hacking Sites and Desktops Protection

sitenews / Strategic News Aug 28, 2008 - 12:11 AM GMT

By: Nadeem_Walayat


The Market Oracle web site was hacked on Saturday the 23rd of August 2008 at 10.42am (CST).

The site was down for 5 hours on Saturday. Once we had brought it back online, we attempted to determine exactly what had happened to bring it down.


Server Glitch or Hack?

Our initial reaction was that some of the site's system files on the server had become corrupted by a server error. The server has one of the best anti-virus packages installed (Kaspersky), along with mod security and protection against brute force hacking attempts, which have thus far prevented any successful hacking of the web site for several years.

On investigation we found that the site had definitely been brought down by malicious action rather than a server glitch: code had been injected into some of the site's pages with the aim of redirecting visitors to the hackers' own site via iframes.

On realizing this we immediately suspended the site whilst we worked out how to cleanse it of the injected code and ascertain who had hacked us and how.

The Market Oracle site's system files were replaced from a clean backup, which enabled us to bring the site back online during the 27th of August 08.
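A sweep of page files for iframes that load from another host is one way to find this kind of injected code before restoring from backup. The following is an added example, not code used by the Market Oracle; the host names, the allow-list and the "hidden frame" heuristic are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: hosts this site legitimately frames (constructed names).
ALLOWED_HOSTS = {"www.example.org", "video.example.org"}

class IframeAuditor(HTMLParser):
    """Collect every <iframe> whose src points outside the allowed hosts."""

    def __init__(self, allowed_hosts):
        super().__init__()
        self.allowed = allowed_hosts
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = {k: (v or "") for k, v in attrs}
        host = (urlparse(a.get("src", "")).hostname or "").lower()
        if not host or host in self.allowed:
            return  # relative (same-site) or allow-listed source
        # Assumed heuristic: zero-size or CSS-hidden frames are not meant to be seen.
        style = a.get("style", "").replace(" ", "").lower()
        hidden = (a.get("width") in ("0", "1") or a.get("height") in ("0", "1")
                  or "display:none" in style or "visibility:hidden" in style)
        line, _col = self.getpos()
        self.findings.append({"line": line, "host": host, "hidden": hidden})

def audit_html(text, allowed_hosts=ALLOWED_HOSTS):
    """Return one finding per off-site iframe in the given HTML text."""
    parser = IframeAuditor(allowed_hosts)
    parser.feed(text)
    parser.close()
    return parser.findings

# Constructed sample page: one legitimate frame, one injected, one local.
SAMPLE_PAGE = """<html><body>
<h1>Market commentary</h1>
<iframe src="http://video.example.org/player" width="400" height="300"></iframe>
<p>Article text</p>
<iframe src="http://injected.example.net/in.html" width="0" height="0"></iframe>
<iframe src="/local/widget.html"></iframe>
</body></html>
"""

if __name__ == "__main__":
    for finding in audit_html(SAMPLE_PAGE):
        print(finding)
```

Frames that are written into the page by script at load time do not appear as tags in the file, so a clean result from this sweep does not replace restoring from a known-good backup.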

Desktops Compromised Not Server

After extensive analysis, we ascertained that the most probable route for the successful hack was a compromised desktop that enabled ftp access onto the server, which implies that the server itself was not directly hacked. The virus most probably arrived via one of the three desktop systems that we use to maintain the web site; despite the anti-virus software installed, the infection probably came from visiting a compromised web site whose owners were unaware that it had been compromised.

We took the action to wipe all three computers, which has disrupted our ability to maintain the Market Oracle web site with new content for 4 full days.

Additionally, content updates during the 27th of August were limited as we suspended ftp access to the server.

Who hacked us and Why?

Initially we thought that the hacking was a consequence of our recent articles on the New Cold War brewing over the Russia / Georgia conflict. However, we tracked the source of the virus down to South Korea and further to the Chung-Ang University.

The aim of the attack appears to be to spread a trojan downloader virus that attempts to infect more desktops, with the aim of eventually infecting more web sites via ftp access and thereby propagating itself. Furthermore, the Chung-Ang University source of the virus attempts to download numerous additional viruses onto desktops via the trojan downloader.

Research has revealed that thousands of web sites are being compromised on a daily basis, including government web sites, with many of the web sites unaware that they have been compromised. A search for iframe injection reveals the extent of the problem.

Defence Against Iframe-Compromised Websites

Immediate action can be taken to prevent web sites compromised with iframe code from executing the code within the iframes, by the following procedure:

In Internet Explorer navigate to Tools - Internet Options - Security Tab - Custom Level

Under Miscellaneous, set:

Launching programs and files in an IFRAME - DISABLE

Navigate sub-frames across different domains - DISABLE

Defence against Hacking / Virus attacks in General

The defence for servers is to ensure ftp access is highly restricted, and to maintain up to date anti-virus, mod security and secure permissions, together with server script monitoring that flags any changes to site system files.

The defence for desktops is to ensure that good anti-virus and anti-malware software is installed, such as Kaspersky. Additionally, AVG offer a free version of their anti-virus that does not expire. Purchasing a good anti-virus package for $30 to $60 is probably the best investment you will make.

Regular Backups

This experience also illustrates the importance of making regular backups of system files and data. In this age of cheap removable storage this is no longer a time consuming exercise when a monthly backup can be completed within a matter of minutes.

What if you are already infected?

Then it's probably too late to install an anti-virus package after your system has become infected.

The best course of action is usually to wipe the desktop and restore from a backup. If you do not have a backup then you should copy your documents / data before performing a fresh install, and ensure you run a full anti-virus scan on your data before you access it.

By Nadeem Walayat
http://www.marketoracle.co.uk

Copyright © 2005-08 Marketoracle.co.uk (Market Oracle Ltd). All rights reserved.

Nadeem Walayat has over 20 years experience of trading, analysing and forecasting the financial markets, and is one of few who both anticipated and beat the 1987 Crash. Nadeem is the Editor of The Market Oracle, a FREE Daily Financial Markets Analysis & Forecasting online publication. We present in-depth analysis from over 150 experienced analysts on a range of views of the probable direction of the financial markets, thus enabling our readers to arrive at an informed opinion on future market direction. http://www.marketoracle.co.uk



Comments

Simon Lawrence
29 Aug 08, 03:05
Checking your desktop

Hi,

I run AVG on both my home computers. One of them did block an attempt to download a Trojan through javascript from your site while it was compromised. The other did not report anything at all and I probably visited your site during the same day with that machine. AVG on both machines now report clean scans. In your opinion are both computers likely to be clean? If not, what specifically should I look out for?

Also how is the book coming along? I look forward to reading on its completion.

Simon Lawrence


Nadeem_Walayat
29 Aug 08, 11:12
AVG

Hi

Reboot into safe mode and run a full scan.

The book is on hold, I literally have a mountain of work to get through, no time for the luxury of finishing a book, maybe sometime next year.

Best.

NW

