Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Audi Taiwan’s official Web site has been hacked

May 24th 2007 in Uncategorized

It looks like Asus is not the only site in Taiwan to be hacked and dangerous code inserted on it’s Web pages.


Websense reports that Audi’s official Taiwan site has also been hacked:
http://www.websense.com/securitylabs/alerts/alert.php?AlertID=776


As of 30 seconds ago the site was still dangerous – the iframe code pointing to misofthelp.com was still there.


I and other security focused MVPs have been warning about the dangers of hacked Web sites for a long time.  The problem is finally hitting the popular press.  For example, several sites have picked up on a blog entry by Stopbadware.org which recently identified five web hosting companies with the largest number of infected sites residing on their servers:
http://blogs.stopbadware.org/articles/2007/05/04/stopbadware-identifies-hosting-providers-of-larged-numbers-of-sites-in-badware-website-clearinghouse


As a result of the publicity generated by Stopbadware’s report several of the highlighted providers are now working with Stopbadware to clean up the compromised Web sites:
http://blogs.stopbadware.org/articles/2007/05/11/hosting-providers-taking-action-against-badware


Unfortunately, reality is that unless and until these providers work out *how* the sites that they host are being compromised, and address the problems, sites will continue to be hacked.  Are the providers failing to install security updates? Are they running old, vulnerable versions of their software? Are they failing to enforce strong passwords/passphrases?  A combination of all?


Hosting providers have a responsibility to ensure that they provide the best possible security for their clients because once the bad guys get in, those bad guys have access to hundreds, if not thousands, of Web sites with which to spread their dangerous wares – the crooks get the maximum effect for minimum effort.


Comments are closed.

I’ve been writing articles for Microsoft since 2004, yet I still feel a thrill when they are published.  My latest article, written for the “Windows Help and How-To” site, is lead article for “Spotlight on Vista”.
You can find the article here:http://windowshelp.microsoft.com/Windows/en-US/help/a426bb85-708c-4b75-87e2-874f9be3b4aa1033.mspx
Help and How-To Site:http://windowshelp.microsoft.com/Windows/en-US/default.mspx

Previous Entry

A supported hotfix is now available from Microsoft. However, it is intended to correct only the problem that is described in this article. Apply it only to systems that are experiencing this specific problem. This hotfix may receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait […]

Next Entry

Archives