Alden Bates' Weblog: Outing scumbags

Outing scumbags

OK, A scant couple of days after we upgraded Teaspoon to a more secure version of eFiction, we were hacked into. The hackers used an exploit in eFiction to break in and add some code to one of the files. I have patched the exploit in the version of eFiction on our site, and notified the eFiction authors.

The hacker (who had a Russian IP address) changed a file to insert a 1x1 iframe on every page on the site. The URL they used was malformed and didn't work, but would have pointed at iframebiz.biz, which tried to load a Trojan onto the target's PC.

The registration info on iframebiz.biz is:
Ezhi Brozkevitsh
Al. Armii Ludowej 24
Warszawa 00-609
Poland
+21.225798***

I'm presuming he pays hackers to put code onto sites so he can infect PCs for whatever nefarious purpose.

Edit: the eFiction authors have already issued a security patch. :)

Posted December 11, 2005 1:27 PM

Alden Bates' Weblog

Feigning normality since 1973

Outing scumbags

Post a comment


	Home : December 2005 Alden Bates' Weblog Feigning normality since 1973 « Converting FRM/MYD/MYI database files to SQL \| Main \| My brain doesn't work in the mornings » Outing scumbags Filed in: Website Management. OK, A scant couple of days after we upgraded Teaspoon to a more secure version of eFiction, we were hacked into. The hackers used an exploit in eFiction to break in and add some code to one of the files. I have patched the exploit in the version of eFiction on our site, and notified the eFiction authors. The hacker (who had a Russian IP address) changed a file to insert a 1x1 iframe on every page on the site. The URL they used was malformed and didn't work, but would have pointed at iframebiz.biz, which tried to load a Trojan onto the target's PC. The registration info on iframebiz.biz is: Ezhi Brozkevitsh Al. Armii Ludowej 24 Warszawa 00-609 Poland +21.225798* I'm presuming he pays hackers to put code onto sites so he can infect PCs for whatever nefarious purpose. Edit:** the eFiction authors have already issued a security patch. :) Posted December 11, 2005 1:27 PM Post a comment Name: Email Address: URL: Remember personal info? Comments: (you may use HTML tags for style)
Tetrap.com Site Map