Feed

Ways to check your website for iframe injection

Posted on May 8th, 2008 in Domain News,iframes,sql injection by dglosser

From cnet:

run a Google search on the entire site to look for this malware infection. Specifically, do a search like

site:mywebsite.com winzipices.cn

Needless to say, replace “mywebsite.com” with the name of your website. It is important that there not be a space after the colon. Hopefully, as shown below, the search finds nothing.

A few other searches:

site:mysite.com ngg.js
site:mysite.com b.js
site:mywebsite.com script src

site:mywebsite.com script iframe

(Again, replace mywebsite.com with your own website).

You can even set up a google daily search to alert you….

possible new iframe ririwow-dot-cn

Posted on May 8th, 2008 in Domain News by dglosser

ririwow [dot] cn
hxxp://www.google.com/search?q=ririwow.cn

Don’t click on any of the links!

Update: Sites hosted on the same IP: ririwow-dot-cn bbs-dot-ueduizuan-dot-com www-dot-bluell-dot-cn feixin-dot-org (thanks to Satnam Narang) for the info.