Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Suspicious hidden Google ad code detected
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Suspicious hidden Google ad code detected (Read 2733 times)
0 Members and 1 Guest are viewing this topic.
polonus
Avast Überevangelist
Probably Bot
Posts: 33900
malware fighter
Suspicious hidden Google ad code detected
«
on:
March 29, 2010, 11:22:17 PM »
Hi malware fighters,
Checking here: confetti.co.uk there was a hidden external link found:
http://www.unmaskparasites.com/web-page-options/?url=http%3A//fls.uk.doubleclick.net/activityi%3Bsrc%3D2205006%3Btype%3Dwebsi912%3Bcat%3Dhomep450%3Bord%3D1
Mind you that confetti.co.uk was hacked through some sort of ActiveX attack via obfuscated VBscript. This is another good reason not to use Internet Explorer, as most other browsers do not support ActiveX and are not vulnerable, report from 2008: read the good report and heads-up from Dancho Danchev:
http://ddanchev.blogspot.com/2008/05/yet-another-massive-sql-injection.html
No zeroiframes detected!
Check took 1.64 seconds
Going further on the hidden external link:
(Level: 0) Url checked:
http://www.unmaskparasites.com/web-page-options/?url=http%3A//fls.uk.doubleclick.net/activityi%3Bsrc%3D2205006%3Btype%3Dwebsi912%3Bcat%3Dhomep450%3Bord%3D1
Google code detected (Ads, not a cheater)
Zeroiframes detected on this site: 0
No ad codes identified
Others gave a blank page result
When log-in credentials in such a case are being compromised this could lead to malcode injection when the page is requested...
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Yanto.Chiang
Avast Evangelist
Super Poster
Posts: 1371
Soli Deo Gloria
Re: Suspicious hidden Google ad code detected
«
Reply #1 on:
March 31, 2010, 09:11:58 AM »
Hi Polonus,
Nice article and information to share,
Anyway, base with
http://www.unmaskparasites.com/web-page-options/?url=http%3A%2F%2Ffls.uk.doubleclick.net%2Factivityi%3Bsrc%25202205006%3Btype%2520websi912%3Bcat%2520homep450%3Bord%25201%23666597214533840616#7393535525957476918
How you can identify it this site was injected with malicious software in there?
cheers,
Logged
Yanto Chiang | IT Security Consultants | AVAST Premium Security | GarudaSinatriya
polonus
Avast Überevangelist
Probably Bot
Posts: 33900
malware fighter
Re: Suspicious hidden Google ad code detected
«
Reply #2 on:
March 31, 2010, 10:22:54 PM »
Hi Yanto.Chiang,
In this case the link is benign, but it has some possibilities to be abused...
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Suspicious hidden Google ad code detected