Anatomy of an iFrame injection attack
Firstly, here's how the hacking does NOT happen...
- It doesn't take place through any PHP application vulnerability.
- It doesn't take place through any kernel bug.
- It doesn't take place through any Apache bug.
- It doesn't take place through any cPanel or Plesk bug.
Having clarified how it doesn't happen, here's a typical scenario for an iFrame injection attack...
First, the hacker either sets up an innocent-looking website or uses an innocent website he's hacked. The hacked site's owner usually doesn't even know her site has been compromised.
The hacker then loads the site with sophisticated hacking tools. When you visit the site, the hacking software detects and attacks your browser. Browsers that are routinely targeted are Internet Explorer, Firefox and Opera.
Now, you don't usually visit that site directly. What usually happens is that you visit one of the many websites the hacker has installed his malicious iFrame code into. This code loads up the hacker's website through an invisible iFrame. Effectively, you are visiting the hacker's website without even realizing it.
The hacker's website installs keylogging software on your PC without you even being aware of it. The keylogger sends your passwords and other information back to the hacker.
If you have an FTP or root password for any websites, the keylogger sends your login details back to the hacker the next time you log in. The hacker uses a program that goes to your site and automatically injects the malicious iFrame code into your web pages.
And since he has your FTP or login access details, it doesn't make any difference what permissions your folders and files are set to.
Anyone now visiting your site gets infected in the same way. And so the cycle continues.
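To check your own pages for the invisible iFrame described above, here is an added example (not part of the original article) that flags iframes which load another host and are sized or styled so that a visitor never sees them. The tests for "invisible" (0 or 1 pixel size, `display:none`, `visibility:hidden`), the host names and the sample page are assumptions constructed for this example.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# What counts as "invisible" is an assumption of this example, not the article's.
HIDDEN_STYLE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|"
    r"(?<![\w-])(?:width|height)\s*:\s*[01](?:px)?\s*(?:;|$)", re.I)
TINY = {"0", "1", "0px", "1px"}


class HiddenIframeFinder(HTMLParser):
    """Collects iframes that load another host and are hidden from the visitor."""

    def __init__(self, own_host):
        super().__init__()
        self.own_host = own_host.lower()
        self.findings = []  # (line number, src, reason)

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = {k: (v or "").strip() for k, v in attrs}
        src = a.get("src", "")
        host = (urlparse(src).hostname or "").lower()
        if not host or host == self.own_host:
            return  # relative or same-site frame: not what this check looks for
        reasons = []
        if a.get("width", "").lower() in TINY or a.get("height", "").lower() in TINY:
            reasons.append("tiny width/height attribute")
        if HIDDEN_STYLE.search(a.get("style", "")):
            reasons.append("hidden by inline style")
        if reasons:
            self.findings.append((self.getpos()[0], src, ", ".join(reasons)))


def find_hidden_iframes(html, own_host):
    """Return (line, src, reason) for every hidden off-site iframe in html."""
    finder = HiddenIframeFinder(own_host)
    finder.feed(html)
    finder.close()
    return finder.findings

# Constructed sample page: one normal embed, two hidden off-site frames, one local frame.
SAMPLE = """<html><body>
<iframe src="https://video.example/embed/1" width="560" height="315"></iframe>
<iframe src="http://malicious.example/in.php" width="0" height="0"></iframe>
<iframe src="//malicious.example/x" style="visibility:hidden"></iframe>
<iframe src="/local/widget.html" style="display:none"></iframe>
</body></html>"""
```

Run `find_hidden_iframes` over every HTML or template file on the site after downloading a copy; any finding you did not put there yourself means the file has been modified.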
» How to remove a malicious iFrame injection attack from your WordPress blog