Protect Your Blog from iframe Malicious Programs..!
Is your blog safe? Or hacked by some malicious Trojan horse? You can’t answer until you open and see your code and control panel. Heard that many of the blogs are hacked by some Trojan horse and resulted in click fraud. This led to Adsense account blocking.
All most all the attacked blogs resembles the same behavior. That is symptoms like sudden increase in traffic, increase in AdSense revenue and etc… I read some of the blogging gurus telling not to see the stats daily either blogging or revenue stats. That may lead to failure in finding the things before the damage.
I always recommend monitoring your traffic and revenue daily. If you found any sudden increase in either of them, immediately contact your Hosting provider and AdSense team. By this way you can prevent the damage to certain extent.
By the way, on the account of all these news on forums, I contacted my hosting provider to update the things on these account blockages and viruses and asked the suggestions to protect myself. I got few replies from the team, which made me stranger.
They gave some information and links to educate ourselves. That made me to prepare this long post, here is all the information and links I got…
Info Source 1:
Make sure you have correct permissions for your website files. Also keep changing passwords every week with secure ones. Few of the issues we found with some sites hosted in our server is discussed at following link. Problems occurred due to customer set wrong permissions to their website files. So be careful, and go through the article at following link. Hacking occurs with customers who use crack and patch in their local computer. When they run cracks or patches, gets infected with Trojan and which steals passwords. These stolen passwords are further used for hacking and modifying web pages. These are little information and examples.
http://www.softpanorama.org/Malware/Malicious_web/malicious_iframe_attack.shtml
Info Source 2:
Only point to remember is, Do not give write permission for files which doesn’t need it. Many times, instead of giving write permission for few necessary files/folders, we have noticed, people give full control permission for all files. This is done because of laziness or not aware of issues related to such actions. Usually for all files need only read permission to public. If you give write permission, using some Tools, hackers can alter your site files without logging into ftp or your account. What they usually do is insert iframe code or java script code to distribute malicious programs to the visitor’s computers. When Google finds such sites which distributes malicious code, includes in black list. Another important point is keep your web applications up to date with all security patches or updates applied. Hacker’s uses well know vulnerabilities in popular open source application, if you don’t update them periodically.
Tool to scan your blog for iframe detection:
You don’t need to manually check for iframe viruses.Here is a tool to scan your website …
- Open Novirusthanks
- Enter you URL (Ex:http://techzoomin.com)
- Click on Scan URL to check your site safety
Thanks to Ricky for sharing this tool.
Long post, but must read one. Read everything to sit out of the block room. Be secure and be happy. Had any info on this? Please do share with us! Happy Blogging!!
Nice writing style. I look forward to reading more in the future.
[...] people are often dubious about the veracity of information they find online. If your website Protect Your Blog from iframe Malicious Programs..! – techzoomin.com 05/15/2009 Is your blog safe? Or hacked by some malicious Trojan horse? You [...]
All the forums are fed up with these kind of threads. “My blog hacked pls help me”- As author said, everyone should monitor the stats daily. See from where the traffic coming…
Very informative article.Even i am scared of trojans.I update my blog from the clg pc which is infected by viruses(in hindi virus ki dukan he).i hope i haven’t uploaded viruses to my website.
@ Dan,
Thanks for your comments..
@ ifreelance,
Thanks dude, you agreed to my views..lets see how others will react
@ Ricky,
Thats good point i missed here dude… Guys if your PC infected with virus..then don’t open your website Cpanel or http://FTP…if you done this already? contact your Hosting provider immdly to cross check your securtiy.
Ricky, thanks for reminding this great thing dude..
@Lax
dude check ur feedburner subscription via email service.it says ‘feed does not have subscription via email enabled’ .Check ur codes again.
@Lax
Omg.I am in big trouble here.I found 7iframe codes in my website.
You forgot to mention how to check iframe codes.Friends go to htttp://novirusthanks.org to check your website for iframe codes.Happy blogging.
is there any way to remove it?
@ Ricky,
Thanks for that tool and email feeds issue. I’m looking into it now.
Regarding the iframe removal…You need to open your index.php and check for that iframe code and remove manually. And also check the url given in “Info Source 1″ above.
And also contact your Hosting provider immdly.They can scan and remove the program from your disk.
Be careful dude… Don’t forget to share us your further experiences with this..
That tool is very helpful Lax. Thanks to that guy who shared this one here.
What the heck is this hackers doing lol
You are welcome buddy.We are here to help eachother.
@ Softhydit,
That’s natural process in internet life cycle. Hackers try to attack always..we need to avoid with techniques.
@ Ricky,
That’s correct dude… Have your removed http://www.techzoomin.com/protect-your-blog-from-iframe-malicious-programs/“>iframes in your code? If yes, how??
@Lax
I have removed all my iframe codes.It was an easy process.In my case my index.php files were not affected by http://www.techzoomin.com/protect-your-blog-from-iframe-malicious-programs/“>iframes.I looked at these articles http://www.techyshell.com/internet/how-to-remove-iframe-trojan/ and http://fieldsmarshall.com/htmliframe-inf-WordPress-infection/ but it didn’t help me.I checked the codes again and found one common url hxxp://digg_com in each and every iframe codes so i went to my digg digg plugin and checked .php File in that and voila iframe was there.I deleted the plugin and checked my website at http://novirusthanks.org and luckily my iframes were gone.Thank god.
Thanks for this article Lax.My website worth has increased to 1000+ $ within 15days of my blogging.I guess this is the work of that virus only.lol.
I use my Linux system, when I need to work with my Hosting and blog. I always believe its a lot secure way to work with Linux. However I Do rest of my work on Windows.
@ Ricky,
Thank a lot for sharing all that stuff here Ricky. I’m very thankful to you on behalf of TZI readers.
@ Arafat,
That’s always wise decision to use Linux. But i don’t have that setup ready…and planning to have one..
Thanks for the tip dude…
Hi,
I see you have to put the website full path in of the page you want it to scan.
I have 2 websites that can Do it automatically for you namely http://www.unmaskparasites.com and http://www.blacklistdoctor.com. Go have a look.
Thanks for the info.
@ George,
All the works with the default standards http://techzoomin.com. Thanks for sharing those 2 sources to check…i checked and found as safe
@George and Lax
Thanx for the info.My website is clean now.
Good discussion, I suggest everyone to use Kaspersky Internet Security 2009, which is found very effective. Now they are selling 3 licence pack for Rs.450 – Rs.600 price range for a year licence. That means you are paying only Rs.150 – Rs.200 for single licence. This offer is in India only. By using this, you can be almost sure that, your system is not infected with any of the malicious programs.
@ Harish,
That’s great news dude. I thought it will be must costliest than you said.
Thanks for all that information Harish.
@ Harish,
Can you tell any other tips for the guys here to safeguard their blogs/sites.
Since you’re from a Hosting company, you suggestions are valuable for us. Can you please?
Lax thanks for this Info. I am particularly concerned about my Blog Security
Good discussion on protecting the blogs. Work as a community like this and share the tips to protect the blogs.
Good initiative you have taken man.
@ Agent,
Good that you guys are sharing all your experiences here.. Thanks dude.
@ Blogging,
That’s great said dude. We work like community/friends to protect ourselves. Thanks for your first comments here.
Cool tool easy to use
Thanks for another tip.. though what Do you meant by contacting Adsense team when you feel something is wrong?
You meant to say we should tell them about the issue before they take any action?
@ Anish,
Thanks for your Comment dude…
@ Harsha,
Yes, exactly. If we tell them before…so that they can keep blocking for some time or they could find the reason…
It’s again own decision of the victim
My blog was hacked once. But I found out quickly as kaspersky would go crazy as soon as I would open my website. Removed the iframe injections using wp-exploit scanner.
Good that your kaspersky did for you. Thanks for sharing your exp dude.
Hi
Another useful link related to hidden iframe injection issue.
http://www.diovo.com/2009/03/hidden-iframe-injection-attacks/
Bookmarked for future use
Hi there.
Thank you for a great post. It was very helpfull.
Anyone reading this post should bookmark this guys contents.
I have a new PC and needed some installation help so i went over to http://www.InstallSoftware.com but they did not provide me with the in depth
info this guy did. he kicks all the bigger sites’ butts.
Thanks Again