Thursday, February 11, 2010

We clearly have a security problem when 64 million webpages have the exact same scam phrase within them.

While inspecting hacked website data I found a phrase that appears to be a signature of a specific type of website infection. The phrase was "buy-phentermine- 37.5mg-without-prescription". This is a lengthy phrase and not likely to be reproduced by a reputable pharmacy in this exact form.

When I used Google to find out how many websites had this phrase within them, I was shocked. Google reported that 64 Million webpages contain the exact phrase "buy-phentermine- 37.5mg-without-prescription".


Maybe the reported Google number of 64 Million is high. Bing said 24 Million, Yahoo! said 22 Thousand. But either way, this means that there are probably millions of hacked websites out there, with just this one infection. Considering just this one hack has resulted in so many infections, we have to be concerned. Widespread hacking is a serious problem because hacked websites lower the quality, trustworthiness and safety of the whole Internet. Depending on the exact attack used, many of these websites could also be drones in botnets or leaking confidential business or personal information to third parties.

Looking at these exact infections I see they occur on a variety of platforms and are presented in different ways. Some use 'display:none' styling to hide the links, some use 'position:absolute;left:-2000px;' to hide the links, and some don't even hide their links. Some infections are focused on taking you to a (fake) online pharmacy to buy the drugs while others seem to be more after search engine ranking inflation. Some don't seem to have any purpose since they simply link to another hacked website. This type might be some type of search rank inflation too, if these linked sites eventually link back to the (fake) online pharmacy.
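A site owner can check their own pages for the presentations described above. The following is an added example, not code from this post or from RescueTheWeb: it flags links that sit inside an element hidden with either inline-style trick, and links that carry the phrase whether hidden or not. The sample page, the `audit` and `LinkAudit` names and the `.example` hosts are constructed for illustration, and only inline `style` attributes are inspected, so hiding done through a stylesheet or script is outside its scope.

```python
import re
from html.parser import HTMLParser
SIGNATURE = "buy-phentermine- 37.5mg-without-prescription"  # as quoted in the post
VOID = {"area", "base", "br", "col", "embed", "hr", "img", "input", "link", "meta", "wbr"}
HIDE_RULES = {  # the two inline-style tricks named in the post
    "display:none": re.compile(r"display\s*:\s*none", re.I),
    "offscreen": re.compile(r"(?:left|top)\s*:\s*-\d{3,}px", re.I),
}
SAMPLE = """<p>Welcome <a href="/about">about us</a><br></p>
<div style="display:none"><a href="http://a.example/buy-phentermine-37.5mg-without-prescription">pills</a></div>
<div style="position:absolute;left:-2000px;"><a href="http://b.example/">buy-phentermine- 37.5mg-without-prescription</a></div>
<a href="http://c.example/">Buy-Phentermine-37.5mg-Without-Prescription</a>"""  # constructed page

def normalise(text):  # lowercase and drop whitespace so wrapped copies still match
    return re.sub(r"\s+", "", text).lower()

class LinkAudit(HTMLParser):
    def __init__(self, signature):
        super().__init__()
        self.sig = normalise(signature)
        self.stack = []  # (tag, hiding rule or None) for every open element
        self.link, self.findings = None, []  # <a> being read; flagged links
    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        how = next((n for n, rx in HIDE_RULES.items() if rx.search(attrs.get("style") or "")), None)
        if tag not in VOID:
            self.stack.append((tag, how))
        if tag == "a" and attrs.get("href"):
            hidden = next((h for _, h in reversed(self.stack) if h), None)
            self.link = {"href": attrs["href"], "text": "", "hidden_by": hidden}
    def handle_data(self, data):
        if self.link is not None:
            self.link["text"] += data
    def handle_endtag(self, tag):
        for i in reversed(range(len(self.stack))):
            if self.stack[i][0] == tag:  # close the element and anything left open in it
                del self.stack[i:]
                break
        if tag == "a" and self.link is not None:
            self.link["signature"] = self.sig in normalise(self.link["href"] + self.link["text"])
            if self.link["hidden_by"] or self.link["signature"]:
                self.findings.append(self.link)
            self.link = None

def audit(html, signature=SIGNATURE):
    parser = LinkAudit(signature)
    parser.feed(html)
    parser.close()
    return parser.findings
```

A hidden link without the phrase is still reported, since the same hiding styles can carry other spam terms; legitimate hidden menus will show up too and need a manual look.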

This pervasiveness is the reason RescueTheWeb.org is out to find these hacked websites, inform their owners, and get them fixed. The widespread hacking that we see on the Internet is why the word 'Rescue' is in the name of RescueTheWeb. This is a rescue mission. Anytime there are 64 million of anything you need to pay attention to it.
