
Computing Systems

Informatics Computing Staff jottings

Website hacking/spamming

Below is a post from Information Services, warning about website hacking incidents that have happened recently within the University.

If you are responsible for a website, or even just web pages, but particularly if you use a self-run blog/wiki/WCMS, then it is a good idea to follow the advice given below and periodically Google for your site/pages and include common spam-type words, e.g. Viagra. For example, to check homepages for that string, in the Google search box type “site:homepages.inf.ed.ac.uk viagra”. Unfortunately we do seem to have one example of a user-run blog which has been spammed, and this will be rectified shortly. Other hits seem to be genuine research-type activity.

Neil

Original post from IS…

Dear colleagues,

There have been several incidents of insidious hacking of non-centrally
supported university websites in the last few months.

Affected sites selectively redirect users referred by a Google search, to
dubious commercial sites, such as online pharmacies.
To see the effect of this, put 'paypal site:ed.ac.uk' into google.com and
look at the search results mentioning Viagra.

If you come across an affected site, please notify me, and the site owner as
soon as possible.

These hacks take advantage of known security vulnerabilities in obsolete
versions of web content management systems and other web tools.  They insert
malicious code which affects how the site appears to Google's robots, and
can redirect users coming from Google searches, but make no visible changes
to the site viewed at its normal URL.

To avoid your website being affected, ensure any web software you are
running is kept up-to-date with the latest security patches and upgrades.

Site owners should use Google to check their own sites specifically using
the Google search engine and then should address any hacking incidents
immediately, by following the 5 steps in the instructions at
http://stevepenny.com/googleviagraspamhack.html.
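
A site owner can also test for the behaviour described above (one page for direct visitors, another for Google's robots or Google-referred visitors) by requesting the same URL three ways and comparing the results. The following is an added example, not part of the IS post or this blog; the word list, the profile names and the constructed `fake_hacked_site` responses are assumptions made for illustration.

```python
import urllib.error
import urllib.request
from urllib.parse import urlparse

SPAM_WORDS = ("viagra", "pharmacy", "pills")  # assumed word list
BROWSER = "Mozilla/5.0 (X11; Linux x86_64)"
PROFILES = {  # same URL requested three ways
    "direct": {"User-Agent": BROWSER},
    "referred": {"User-Agent": BROWSER, "Referer": "https://www.google.com/"},
    "googlebot": {"User-Agent": "Mozilla/5.0 (compatible; Googlebot/2.1; "
                                "+http://www.google.com/bot.html)"},
}

class _NoRedirect(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, *args, **kwargs):
        return None  # surface the 3xx instead of following it

def http_fetch(url, headers):
    """Live fetcher: returns (status, Location header or None, body text)."""
    opener = urllib.request.build_opener(_NoRedirect)
    try:
        resp = opener.open(urllib.request.Request(url, headers=headers), timeout=10)
    except urllib.error.HTTPError as err:  # 3xx/4xx/5xx arrive here
        resp = err
    body = resp.read(200_000).decode("utf-8", "replace")
    return resp.code, resp.headers.get("Location"), body

def fake_hacked_site(url, headers):
    """Constructed stand-in for a compromised site, so the example runs offline."""
    if "google." in headers.get("Referer", ""):
        return 302, "http://pills.example/buy", ""
    if "Googlebot" in headers["User-Agent"]:
        return 200, None, "<title>Cheap Viagra online</title>"
    return 200, None, "<title>Research group home page</title>"

def check_cloaking(url, fetch=http_fetch):
    """Return findings where the Google-facing views differ from the direct view."""
    site = urlparse(url).hostname
    seen = {name: fetch(url, hdrs) for name, hdrs in PROFILES.items()}
    baseline = {w for w in SPAM_WORDS if w in seen["direct"][2].lower()}
    findings = []
    for name in ("referred", "googlebot"):
        status, location, body = seen[name]
        target = urlparse(location or "").hostname
        if 300 <= status < 400 and target not in (None, site):
            findings.append(f"{name}: redirect to other host {target}")
        extra = {w for w in SPAM_WORDS if w in body.lower()} - baseline
        if extra:
            findings.append(f"{name}: spam words not in direct view: {sorted(extra)}")
    return findings
```

An empty result does not prove a site is clean: injected code that keys on the requester's network address rather than its headers will not react to this test, so the Google search check described in the post is still needed.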
