Spyware Sucks » Blog Archive » Audi Taiwan’s official Web site has been hacked

Audi Taiwan’s official Web site has been hacked

May 24th 2007 in Uncategorized

It looks like Asus is not the only site in Taiwan to be hacked and dangerous code inserted on it’s Web pages.

Websense reports that Audi’s official Taiwan site has also been hacked:
http://www.websense.com/securitylabs/alerts/alert.php?AlertID=776

As of 30 seconds ago the site was still dangerous – the iframe code pointing to misofthelp.com was still there.

I and other security focused MVPs have been warning about the dangers of hacked Web sites for a long time. The problem is finally hitting the popular press. For example, several sites have picked up on a blog entry by Stopbadware.org which recently identified five web hosting companies with the largest number of infected sites residing on their servers:
http://blogs.stopbadware.org/articles/2007/05/04/stopbadware-identifies-hosting-providers-of-larged-numbers-of-sites-in-badware-website-clearinghouse

As a result of the publicity generated by Stopbadware’s report several of the highlighted providers are now working with Stopbadware to clean up the compromised Web sites:
http://blogs.stopbadware.org/articles/2007/05/11/hosting-providers-taking-action-against-badware

Unfortunately, reality is that unless and until these providers work out *how* the sites that they host are being compromised, and address the problems, sites will continue to be hacked. Are the providers failing to install security updates? Are they running old, vulnerable versions of their software? Are they failing to enforce strong passwords/passphrases? A combination of all?

Hosting providers have a responsibility to ensure that they provide the best possible security for their clients because once the bad guys get in, those bad guys have access to hundreds, if not thousands, of Web sites with which to spread their dangerous wares – the crooks get the maximum effect for minimum effort.

Comments are closed.

Column – Better browsing: Internet Explorer 7 offers improved security and productivity

I’ve been writing articles for Microsoft since 2004, yet I still feel a thrill when they are published. My latest article, written for the “Windows Help and How-To” site, is lead article for “Spotlight on Vista”.
You can find the article here:http://windowshelp.microsoft.com/Windows/en-US/help/a426bb85-708c-4b75-87e2-874f9be3b4aa1033.mspx
Help and How-To Site:http://windowshelp.microsoft.com/Windows/en-US/default.mspx

Column – Better browsing: Internet Explorer 7 offers improved security and productivityPrevious Entry

HOTFIX: A script error occurs in IE6 when you view a Web page that includes a script that is transmitted by using HTTP compression, and the URL that points to the script includes a non-ASCII character

A supported hotfix is now available from Microsoft. However, it is intended to correct only the problem that is described in this article. Apply it only to systems that are experiencing this specific problem. This hotfix may receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait […]

HOTFIX: A script error occurs in IE6 when you view a Web page that includes a script that is transmitted by using HTTP compression, and the URL that points to the script includes a non-ASCII characterNext Entry