Blog for hpHosts, and whatever else I feel like writing about ....

Sunday 20 September 2009

Exploits a go-go ....

You may have noticed the major increase in domains added to the hpHosts blacklist, with the EXP classification over the past few days. Sadly, there have been thousands of sites found carrying a variety of malicious codes, from simple iFrames leading to exploits (not surprisingly, almost all have been .ru sites), to actual exploit code itself.

Interestingly, an IP (174.132.146.92 - 5c.92.84ae.static.theplanet.com ) that houses 15 celebrity tour sites (amongst others) has almost all of the tour related sites serving exploits, with the only one not serving them being shakiratourdates.com (is our attacker a Shakira fan?).


Regardless of whether your site has been compromised or not, now would be a good time to get into the habit of changing FTP etc passwords, and making sure any software you're running (e.g. WordPress, phpNuke) is up to date. Backing up your sites files whenever you make a change, and monitoring the site would be a good idea too (you do of course do that already - right?).

No comments: