ILL_Natured_gr’s team Weblog

ILL_Natured_gr’s team Weblog at WordPress

Posts Tagged ‘Hackers’

Another inconvenient truth: Al Gore’s Web site hacked

Posted by ILL Natured_gr on November 28, 2007

Noone’s safe these days…

Another inconvenient truth: Al Gore’s Web site hacked
The Web site for Al Gore’s film, ‘An Inconvenient Truth,’ has been hacked.

Robert McMillan (IDG News Service) 27/11/2007 12:24:32

A blog set up to promote former US Vice President Al Gore’s film, “An Inconvenient Truth,” has been hacked and is hosting links to Web sites hawking online pharmaceuticals.

The links appear to have been created as part of a scheme to boost the Web traffic for sites that promote the drugs, security experts said Monday. They contain titles such as “Xanax On Line,” “Viagra,” and “Buy Valium Online.”

Cyber scammers have been using this technique for months now, packing hacked Web sites with links to their products in hopes of bumping up their rankings on search engines such as Google and Ask.com. Another similar tactic, known as “comment spam,” involves flooding the comment sections of Web sites with these types of links.

Because search engines give priority to pages that are linked to by very popular pages, adding links from the Inconvenient Truth blog would be a bonanza for scammers, according to Adam Thomas, a malware researcher at Sunbelt Software. The film’s blog has “such a high page ranking that they use that as sort of conduit to … gain a really high Google page rank, and hope that they can find some suckers to buy some medications online,” he said.

The climatecrisis.net domain, which hosts the blog, is registered to Al Gore, the star of the 2006 Academy Award-winning documentary on global warming. Not all pages on the site appear to have been compromised, security experts say; just those associated with the blog.

Though the drug-promoting links can be seen by the crawler software used by search engines, most visitors wouldn’t even know that they exist. On Monday, they couldn’t be seen on the Web page itself, but were visible in the blog’s source code — which only the people who maintain the Web site should be able to alter. The links point to Web pages on a site run by Westmont College, a small Christian college based in Santa Barbara, California. The Westmont College Web site also appears to have been hacked, Thomas said.

The hacked Westmont pages are in an early stage of development, but some of them were hosting blog pages that could ultimately be used to host ads for the drugs or even to link to other sites that actually sold the pharmaceuticals, Thomas said.

Thomas said attackers were most likely able to gain access to the blog by exploiting flaws in the WordPress Web publishing software used by both the Inconvenient Truth blog and Westmont College. Representatives for Al Gore and Westmont College could not be reached immediately for comment.

Once they gained access to the site, criminals could have easily added malicious exploit code to the blog, and that code could have been used to infect visitors’ PCs with computer viruses, said Roger Thompson, chief technology officer of Exploit Prevention Labs. “It just shows how tricky it is to secure a Web site,” he said. “I think we’re a bit lucky it’s not shooting exploits.”

Linus Larsson of Computer Sweden contributed to this story.

Source : computerworld.com.au

Advertisements

Posted in Internet, News, PC Security | Tagged: , , , | Leave a Comment »

MySpace hacked, exploits target Alicia Keys’ page and others

Posted by ILL Natured_gr on November 10, 2007

MySpace hacked, exploits target Alicia Keys’ page and others

By Thomas Claburn
9 November 2007 12:47PM

Avoid Alicia Keys’ Web page on MySpace. It’s been hacked..

Roger Thompson, CTO at Exploit Prevention Labs, has found multiple hacked MySpace pages, including the page for Alicia Keys, the social networking site’s fourth most popular music artist.

In keeping with what appears to be a new trend among security researchers, Thompson has released a video depicting the hack on YouTube. He has also posted details on his blog.

Visiting the page exposes the visitor to an exploit that installs malware unless the user is fully patched against the most recent security vulnerabilities. “They’re using an exploit to install software in the background,” Thompson explains in the video.

Even those with patched systems are vulnerable. The hackers have found a way to associate their malicious URL with what would normally be a non-clickable background area on the Web page. The result is that clicks outside specific clickable controls get captured and interpreted as a click on the malicious URL.

“If you click anywhere outside a given control, [the malicious URL] will be the default control that it goes to,” Thompson explains. “It’s a really interesting technique and it’s going to catch a lot of people.”

“What’s not clear at this point is how they’re doing it, and how widespread it is,” Thompson says on his blog. “Neither Google nor MySpace seems to be indexing the critical bit of HTML. If you search for the exploit site (co8vd.cn), the only results seem to be victims, or people talking about victims.”

In a conversation via instant message, Thompson said that social networking sites are increasingly become vectors of attack. “The whole point of browser stuff is that it bypasses the firewall,” he explained.

A spokesperson for MySpace was not immediately available to comment on the attack.

Source : itnews.com.au

Posted in Internet, News, PC Security | Tagged: , , , , | 1 Comment »