Hackers Sneak Malicious Code Into Popular Web Host
from the whoops dept
While Interland, the popular web hosting company for small and mid-sized businesses, denies it’s that big of a deal, stories are coming out that a hacker has found a security vulnerability in their servers. A number of companies that host their sites at Interland say they’ve been finding code on all of their sites that will automatically install harmful trojans on unprotected visitor computers. This is adding an extra layer of sneakiness. There have been stories about websites that will surreptitiously install malicious trojans on visitors’ hard drives (though, the software on those machines needs to be vulnerable first), but in this case, the hackers have broken into popular legitimate websites, and automatically installed the code there to cause the trojans to be downloaded. Thus, most people who get hit will have absolutely no clue what’s happened or where they got the trojan from. In some cases the trojan simply takes control of their computer (probably to later send out spam or host porn) and in others it activates an autodialer on the modem to call expensive 1-900 numbers. Some of the Interland customers who discovered this say that Interland hasn’t done a very good job of getting rid of the code, and it seems to reappear every time Interland gets rid of it. Interland is trying to downplay the whole thing, but it seems pretty serious.