funsec mailing list archives
RE: Cyber Crooks Hijack Activities of Large Web-Hosting Firm
From: "Hubbard, Dan" <dhubbard () websense com>
Date: Wed, 23 May 2007 12:46:48 -0700
I am pretty sure this happened quite some time ago and then are still working on clean-up. Minimum 8 months ago. They were all IFRAME Cash links. ________________________________ From: funsec-bounces () linuxbox org on behalf of Fergie Sent: Wed 5/23/2007 12:10 PM To: funsec () linuxbox org Subject: [funsec] Cyber Crooks Hijack Activities of Large Web-Hosting Firm -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Brian Krebs: [snip] Organized crime groups have modified a significant share of the Web sites operated by one of the Internet's largest Web hosting companies to launch cyber attacks against visitors, Security Fix has learned. Last month, Phoenix-based IPOWER Inc. was featured prominently in an unflattering report by StopBadware.org, a joint effort by Google, Harvard Law School's Berkman Center for Internet & Society and Oxford University's Internet Institute. StopBadware has identified more than 90,000 sites that attempt to install malicious software on visitors' computers via Internet browser security holes or programming tricks. When a user tries to click on one of these sites after they appear as Google search results, Google posts a warning page stating that the site has been spotted trying to attack previous visitors. John Palfrey, a professor of Internet law at Harvard, said the report showed that about 90 percent of the sites flagged as serving "badware" appeared to be otherwise legitimate sites that had been hijacked by criminals. StopBadware found that about 10 percent of the sites in its database were operated by IPOWER. Security Fix found that the problem at IPOWER may be far worse than StopBadware indicated. [snip] More: http://blog.washingtonpost.com/securityfix/2007/05/cyber_crooks_hijack_acti vities_1.html - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.1 (Build 1012) wj8DBQFGVJGwq1pz9mNUZTMRArJKAJ483U4yogN8zFypBJyxkaVkL60W2gCeOFUf RlLUSyvplDOgmND0+U9zUNE= =ke7W -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Cyber Crooks Hijack Activities of Large Web-Hosting Firm Fergie (May 23)
- RE: Cyber Crooks Hijack Activities of Large Web-Hosting Firm Hubbard, Dan (May 23)