Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: Schestowitz.com gets hacked and 0wned. Becomes part of zombie bot-net to infect visitors and attack other sites.

____/ The Ghost In The Machine on Friday 14 March 2008 18:40 : \____

> In comp.os.linux.advocacy, ray
> <ray@xxxxxxxxxx>
>  wrote
> on 14 Mar 2008 17:23:58 GMT
> <63vqleF28hh9hU1@xxxxxxxxxxxxxxxxxx>:
>> On Fri, 14 Mar 2008 12:56:19 -0400, Duncan Meyer wrote:
>>
>>> So much for that famed linux security bull.
>>> 
>>> 
>>> - "This was found last night. My very out-of-date installation of phpBB
>>> got exploited (first time any of my software gets exploited in 7 years
>>> of running sites on BSD and Linux). I've cleaned  most stuff up, but I'm
>>> styill working with the Web host to get rid of what's left. Script
>>> kiddies snuck in extra markup that points to some other domain (via
>>> iframe) -- whatever it actually does."
>>> 
>>> 
>>> http://groups.google.com/group/comp.os.linux.advocacy/
>> msg/40c2e3fb593a38eb
>>> 
>>> 
>>> "Whatever it actually does...." - you are a completely clueless moron.
>>> Why ties your shoes for you in the morning?
>>
>> I don't recall anyone ever claiming that Linux or any other OS was
>> totally immune to malware attacks; simply that it is much more secure
>> than MS - which seems to be a fact.
> 
> This was not an OS hack, but a vulnerability either in PHP or a BB
> residing thereon.

Not quite. ASP is affected as well (see below), but CNET does mention phpBB
(unpatched installations) as one among those which are hit). Nobody knows for
sure yet, but security researchers learn it all. I have some copies of files
as well, so it remains to be studied. THIS IS NOT A LINUX-ONLY ISSUE.
MICROSOFT IS AFFECTED ALSO.

See:

Hackers Attack Trend Micro

,----[ Quote ]
| Security vendor Trend Micro has fallen victim to a widespread Web attack that 
| splashed malicious software onto hundreds of legitimate Web sites in recent 
| days.  
| 
| [...]
| 
| Researchers are still not sure how the attackers are managing to hack these 
| Web pages, but the pages all seem to use Microsoft's Active Server Page (ASP) 
| technology, which is used by many Web development programs to create dynamic 
| HTML pages. A software bug in any of those programs is all the attackers need 
| to install their malicious code.    
`----

http://www.pcworld.com/article/id,143445-c,hackers/article.html

400,000+ infected web pages in a week?!

http://beranger.org/index.php?page=diary&2008/03/14/12/52/22-400-000-infected-web-pages-in-a-

I've _cleaned up my_ Web site (it took a long while). And for trolls who
spreading BS, thousands of sites including big ones like ZDNet are affected.

Hackers launch massive IFRAME attack

,----[ Quote ]
| But Danchev was more pessimistic that the attacks could be halted 
| quickly. "To sum up -- it's a mess," he said. 
`----

http://www.linuxworld.com.au/index.php?id=26001482&rid=-50

Before accusing individuals, look at the Web as a whole. And if you're using
Windows, be careful of pretty much /ANY/ site you visit. The press is filled
with articles about what became a plague and nobody yet knows how many sites
are really affected.

-- 
                ~~ Best of wishes

Roy S. Schestowitz      | while (!0==1) echo 'Bill Gates' > /dev/null
http://Schestowitz.com  |  RHAT GNU/Linux   |     PGP-Key: 0x74572E8E
 23:00:03 up 50 days,  8:54,  4 users,  load average: 1.96, 1.45, 1.43
      http://iuron.com - help build a non-profit search engine

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index