Malicious Code Appears on Blogger.com

A warning from Fortinet reports malicious code being served up on several of Google’s Blogger sites. The story isn’t so much that it happened as the method being used, which Fortinet failed to mention. However, a similar story at CNET, “Phishers attack the green zones”, provides better insight into the problem.


“At first it seemed that vandals had used an old-school hacking technique called cross-site scripting to inject malicious iframe links into the displayed pages. Iframes are used by Web designers to open additional windows (often hosted on other sites) within a main Web page. Recently, iframes have been used by criminal hackers to redirect browsers via JavaScript to malicious-code sites hosted elsewhere.”


And later in the story: “In each case, the JavaScript pointed visitors to the Super Bowl or the CDC pages via iframe to malicious content.”

As I’ve mentioned before, the “IFrame” is the single most exploited setting in Internet Explorer. Turn it off! … In all my years as a Microsoft MVP I have never had a problem with this setting disabled or found a legitimate site that even uses it.


For IE7 and Windows Vista users this setting is now set to Prompt (default) … turn it off (disable) anyway!
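
On the publishing side, a site owner can check served pages for the pattern the CNET story describes: iframes that pull content from another host, especially ones sized or styled so the visitor never sees them. The following is an added example, not code from the original post, Fortinet or CNET; the sample page and hostnames are constructed, and the "hidden" test is a heuristic assumption of this sketch.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Inline styles and sizes that make a frame effectively invisible to a visitor.
HIDDEN_STYLE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden"
    r"|(?<![\w-])(?:width|height)\s*:\s*[01](?:px)?\s*(?:;|$)", re.I)
TINY = {"0", "1", "0px", "1px"}

class IframeAuditor(HTMLParser):
    """Collects iframes whose source is on another host, noting hidden ones."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.page_host = urlparse(page_url).hostname
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = {k: (v or "") for k, v in attrs}
        src = urljoin(self.page_url, a.get("src", "").strip())
        host = urlparse(src).hostname
        if host is None or host == self.page_host:
            return  # same-host or src-less frame: not what this check looks for
        hidden = (a.get("width", "").strip() in TINY
                  or a.get("height", "").strip() in TINY
                  or bool(HIDDEN_STYLE.search(a.get("style", ""))))
        self.findings.append(
            {"line": self.getpos()[0], "src": src, "host": host, "hidden": hidden})

def audit(html, page_url):
    auditor = IframeAuditor(page_url)
    auditor.feed(html)
    auditor.close()
    return auditor.findings

# Constructed sample page; every hostname uses the reserved .example TLD.
SAMPLE = """<html><body><h1>Game day recipes</h1>
<iframe src="/widgets/archive.html" width="300" height="200"></iframe>
<iframe src="http://video.partner.example/embed/42" width="480"></iframe>
<iframe src="http://cdn.unknown.example/x.html" width="1" height="1"></iframe>
<iframe src="//stats.unknown.example/c" style="visibility: hidden"></iframe>
</body></html>"""

for f in audit(SAMPLE, "http://blog.example/post.html"):
    print(f["line"], "HIDDEN" if f["hidden"] else "visible", f["src"])
```

A visible off-site frame is usually a legitimate embed to compare against an allowlist; a hidden one that nobody on the site recognises is the case worth investigating first.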


 


