Best of the Week
Most Popular
1. Stock Markets and the History Chart of the End of the World (With Presidential Cycles) - 28th Aug 20
2.Google, Apple, Amazon, Facebook... AI Tech Stocks Buying Levels and Valuations Q3 2020 - 31st Aug 20
3.The Inflation Mega-trend is Going Hyper! - 11th Sep 20
4.Is this the End of Capitalism? - 13th Sep 20
5.What's Driving Gold, Silver and What's Next? - 3rd Sep 20
6.QE4EVER! - 9th Sep 20
7.Gold Price Trend Forecast Analysis - Part1 - 7th Sep 20
8.The Fed May “Cause” The Next Stock Market Crash - 3rd Sep 20
9.Bitcoin Price Crash - You Will be Suprised What Happens Next - 7th Sep 20
10.NVIDIA Stock Price Soars on RTX 3000 Cornering the GPU Market for next 2 years! - 3rd Sep 20
Last 7 days
The Only Thing Systematic Is The Destruction Of America - 29th Sep 20
Fractional-Reserve Banking Is The Elephant In The Room - 29th Sep 20
Gold And Silver Follow Up & Future Predictions For 2020 & 2021 – Part I - 29th Sep 20
Stock Market Short-term Reversal - 29th Sep 20
How Trump co-opted the religious right and stacked the courts with conservatives - 29th Sep 20
Which RTX 3080 GPU to BUY and AVOID! Nvidia, Asus, MSI , Palit, Gigabyte, Zotac, MLCC vs POSCAPS - 29th Sep 20
Gold, Silver & HUI Stocks Big Pictures - 28th Sep 20
It’s Time to Dump Argentina’s Peso - 28th Sep 20
Gold Stocks Seasonal Plunge - 28th Sep 20
Why Did Precious Metals Get Clobbered Last Week? - 28th Sep 20
Is The Stock Market Dow Transportation Index Setting up a Topping Pattern? - 28th Sep 20
Gold Price Setting Up Just Like Before COVID-19 Breakdown – Get Ready! - 27th Sep 20
UK Coronavirus 2nd Wave SuperMarkets Panic Buying 2.0 Toilet Paper , Hand Sanitisers, Wipes... - 27th Sep 20
Gold, Dollar and Rates: A Correlated Story - 27th Sep 20
WARNING RTX 3080 AIB FLAWED Card's, Cheap Capacitor Arrays Prone to Failing Under Load! - 27th Sep 20
Boris Johnson Hits Coronavirus Panic Button Again, UK Accelerting Covid-19 Second Wave - 25th Sep 20
Precious Metals Trading Range Doing It’s Job to Confound Bulls and Bears Alike - 25th Sep 20
Gold and Silver Are Still Locked and Loaded… Don't be Out of Ammo - 25th Sep 20
Throwing the golden baby out with the covid bath water - Gold Wins - 25th Sep 20
A Look at the Perilous Psychology of Financial Market Bubbles - 25th Sep 20
Corona Strikes Back In Europe. Will It Boost Gold? - 25th Sep 20
How to Boost the Value of Your Home - 25th Sep 20
Key Time For Stock Markets: Bears Step Up or V-Shaped Bounce - 24th Sep 20
Five ways to recover the day after a good workout - 24th Sep 20
Global Stock Markets Break Hard To The Downside – Watch Support Levels - 23rd Sep 20
Beware of These Faulty “Inflation Protected” Investments - 23rd Sep 20
What’s Behind Dollar USDX Breakout? - 23rd Sep 20
Still More Room To Stock Market Downside In The Coming Weeks - 23rd Sep 20
Platinum And Palladium Set To Surge As Gold Breaks Higher - 23rd Sep 20
Key Gold Ratios to Other Markets - 23rd Sep 20
Watch Before Upgrading / Buying RTX 3000, RDNA2 - CPU vs GPU Bottlenecks - 23rd Sep 20
Online Elliott Wave Markets Trading Course Worth $129 for FREE! - 22nd Sep 20
Gold Price Overboughtness Risk - 22nd Sep 20
Central Banking Cartel Promises ZIRP Until at Least 2023 - 22nd Sep 20
Stock Market Correction Approaching Initial Objective - 22nd Sep 20
Silver Bulls Will Be Handsomely Rewarded - 21st Sep 20
Fed Will Not Hike Rates For Years. Gold Should Like It - 21st Sep 20
US Financial Market Forecasts and Elliott Wave Analysis Resources - 21st Sep 20
How to Avoid Currency Exchange Risk during COVID - 21st Sep 20
Crude Oil – A Slight Move Higher Has Not Reversed The Bearish Trend - 20th Sep 20
Do This Instead Of Trying To Find The “Next Amazon” - 20th Sep 20
5 Significant Benefits of the MT4 Trading Platform for Forex Traders - 20th Sep 20
A Warning of Economic Collapse - 20th Sep 20
The Connection Between Stocks and the Economy is not What Most Investors Think - 19th Sep 20
A Virus So Deadly, The Government Has to Test You to See If You Have It - 19th Sep 20
Will Lagarde and Mnuchin Push Gold Higher? - 19th Sep 20
RTX 3080 Mania, Ebay Scalpers Crazy Prices £62,000 Trollers Insane Bids for a £649 GPU! - 19th Sep 20
A Greater Economic Depression For The 21st Century - 19th Sep 20
The United Floor in Stocks - 19th Sep 20
Mobile Gaming Market Trends And The Expected Future Developments - 19th Sep 20
The S&P 500 appears ready to correct, and that is a good thing - 18th Sep 20
It’s Go Time for Gold Price! Next Stop $2,250 - 18th Sep 20
Forget AMD RDNA2 and Buy Nvidia RTX 3080 FE GPU's NOW Before Price - 18th Sep 20
Best Back to School / University Black Face Masks Quick and Easy from Amazon - 18th Sep 20
3 Types of Loans to Buy an Existing Business - 18th Sep 20
How to tell Budgie Gender, Male or Female Sex for Young and Mature Parakeets - 18th Sep 20
Fasten Your Seatbelts Stock Market Make Or Break – Big Trends Ahead - 17th Sep 20
Peak Financialism And Post-Capitalist Economics - 17th Sep 20
Challenges of Working from Home - 17th Sep 20
Sheffield Heading for Coronavirus Lockdown as Covid Deaths Pass 432 - 17th Sep 20
What Does this Valuable Gold Miners Indicator Say Now? - 16th Sep 20
President Trump and Crimes Against Humanity - 16th Sep 20
Slow Economic Recovery from CoronaVirus Unlikely to Impede Strong Demand for Metals - 16th Sep 20
Why the Knives Are Out for Trump’s Fed Critic Judy Shelton - 16th Sep 20
Operation Moonshot: Get Ready for Millions of New COVAIDS Positives in the UK! - 16th Sep 20
Stock Market Approaching Correction Objective - 15th Sep 20
Look at This Big Reminder of Dot.com Stock Market Mania - 15th Sep 20
Three Key Principles for Successful Disruption Investors - 15th Sep 20
Billionaire Hedge Fund Manager Warns of 10% Inflation - 15th Sep 20
Gold Price Reaches $2,000 Amid Dollar Depreciation - 15th Sep 20
GLD, IAU Big Gold ETF Buying MIA - 14th Sep 20
Why Bill Gates Is Betting Millions on Synthetic Biology - 14th Sep 20
Stock Market SPY Expectations For The Rest Of September - 14th Sep 20
Gold Price Gann Angle Update - 14th Sep 20
Stock Market Recovery from the Sharp Correction Goes On - 14th Sep 20
Is this the End of Capitalism? - 13th Sep 20
The Silver Big Prize - 13th Sep 20
U.S. Shares Plunged. Is Gold Next? - 13th Sep 20
Why Are 7,500 Oil Barrels Floating on this London Lake? - 13th Sep 20
Sheffield 432 Covid-19 Deaths, Last City Centre Shop Before Next Lockdown - 13th Sep 20
Biden or Trump Will Keep The Money Spigots Open - 13th Sep 20
Gold And Silver Up, Down, Sideways, Up - 13th Sep 20

Market Oracle FREE Newsletter

How to Get Rich Investing in Stocks by Riding the Electron Wave

Iframes Injection Trojan Downloader Virus Hacking Sites and Desktops Protection

sitenews / Strategic News Aug 28, 2008 - 12:11 AM GMT

By: Nadeem_Walayat

sitenews

Best Financial Markets Analysis ArticleThe Market Oracle web site was the victim of being hacked on Saturday the 23rd of August 2008 at 10.42am (CST)

The site was brought down for 5 hours on Saturday, following which we managed to bring the site back online, following which we attempted to determine exactly what had happened to bring the site down.


Server Glitch or Hack ?

Our initial reaction was that some of the sites system files on the server had become corrupted due to a server error as the server has one of the best anti-virus packages installed (Kaspersky) , and additional mod security and protection against brute force hacking attempts that have thus far prevented any successful hacking of the web site for several years.

On investigation of what had happened we found that the site was definitely brought down as a consequence of malicious action rather than a server glitch as we found code had been injected into some of the sites pages the aim of which was to redirect visitors to the hackers own site via iframes.

On the realization of this we immediately suspended the site whilst we worked on how to cleanse the site of injected code and ascertain who hacked us and how.

The Market Oracle site system files were replaced from a clean back up which enabled us to bring the site back online during the 27th of August 08.

Desktops Compromised Not Server

After extensive analysis, we managed to ascertain that the most probable route for the successful hack was via a compromised desktop that enabled ftp access onto the server, therefore this implies that the server itself was not directly hacked. The most probable route of the virus was via one of the three desktop systems that we use to maintain the web site, and that despite anti-virus software installed the route was probably via visiting a compromised web site that was unaware of the fact that they had been compromised.

We took the action to wipe all three computers which has disrupted our ability to maintain the Market Oracle web site with new content for 4 full days.

Additionally content update during 27th of August was limited as we suspended ftp access to the server.

Who hacked us and Why ?

Initially we thought that the hacking was a consequence of our recent articles on the New Cold War brewing over the Russia / Georgia conflict. However we tracked the source of the virus down to South Korea and further to the Chung-Ang University.

The aim of the attack appears to be to spread a trojan dowloader virus that attempts to infect more desktops with the aim to eventually infect more web sites via ftp access and therefore propagating itself. Furthermore the Chung-Ang University source of the virus attempts to download numerous additional viruses via the trojan downloader onto desktops.

Research has revealed that thousands of web sites are being compromised on a daily basis including government web sites, with many of the web sites unaware that they have been compromised. A search for iframe injection reveals the extent of the problem.

Defence Against Iframes compromised Websites

Immediate action can be taken to prevent iframes code compromised websites from executing the code within iframes by the following procedure -

In internet explorer navigate to - Tools - Internet Options - Security Tab - Custom Level

Under Miscellaneous

Launching programs and files in an IFRAME - DISABLE

Navigate sub-frames across different domains - DISABLE

Defence against Hacking / Virus attacks in General

The defence for servers is to ensure ftp access is highly restricted, as well as maintaining up to date anti-virus, mod security and secure permissions as well as server script monitoring that flags any changes to site system files.

The defence for desktops is to ensure that good anti-virus and anti-malware software is installed such Kaspersky. Additionally AVG offer a free version of their anti-virus that does not expire. Purchasing an good anti-virus package for $30 to $60 is probably the best investment you will make.

Regular Backups

This experience also illustrates the importance of making regular backups of system files and data. In this age of cheap removable storage this is no longer a time consuming exercise when a monthly backup can be completed within a matter of minutes.

What if you are already infected ?

Then its probably too late to install an anti-virus package after your system has become infected.

The best course of action is usually to wipe the desktop and restore from a backup. If you do not backup then you should copy your documents / data before performing a fresh install, and ensure you run a full anti-virus scan on your data before you access it.

By Nadeem Walayat
http://www.marketoracle.co.uk

Copyright © 2005-08 Marketoracle.co.uk (Market Oracle Ltd). All rights reserved.

Nadeem Walayat has over 20 years experience of trading, analysing and forecasting the financial markets, including one of few who both anticipated and Beat the 1987 Crash. Nadeem is the Editor of The Market Oracle, a FREE Daily Financial Markets Analysis & Forecasting online publication. We present in-depth analysis from over 150 experienced analysts on a range of views of the probable direction of the financial markets. Thus enabling our readers to arrive at an informed opinion on future market direction. http://www.marketoracle.co.uk

Disclaimer: The above is a matter of opinion provided for general information purposes only and is not intended as investment advice. Information and analysis above are derived from sources and utilising methods believed to be reliable, but we cannot accept responsibility for any trading losses you may incur as a result of this analysis. Individuals should consult with their personal financial advisors before engaging in any trading activities.

Nadeem Walayat Archive

© 2005-2019 http://www.MarketOracle.co.uk - The Market Oracle is a FREE Daily Financial Markets Analysis & Forecasting online publication.


Comments

Simon Lawrence
29 Aug 08, 03:05
Checking your desktop

Hi,

I run AVG on both my home computers. One of them did block an attempt to download a Trojan through javascript from your sight while it was compromised. The other did not report anything at all and i probably visited your site during the same day with that machine. AVG on both machines now report clean scans. In your opinion are both computers likely to be clean? If not what specifically should i look out for.

Also how is the book coming along? I look forward to reading on its completion.

Simon Lawrence


Nadeem_Walayat
29 Aug 08, 11:12
AVG

Hi

Reboot into safemode and run a full scan.

The book is on hold, I literally have a mountain of work to get through, no time for the luxury of finishing a book, maybe sometime next year.

Best.

NW


Post Comment

Only logged in users are allowed to post comments. Register/ Log in

6 Critical Money Making Rules