The Columbia Business Times ran a story on Phishing, Pharming, and Hacking. They consulted several local businesses that deal with these types of threats. Both Kevin Schmutzler and David Nivens also had several useful insights as to how to prevent these issues using several layers of protection.
We found it interesting that this story went live the same day that the latest round of attacks from the Asprox botnet started spreading via the web and Microsoft SQL Servers.
If you think your website has been infected by the Asprox botnet, give us a call.
We’ve figured out a few ways to innoculate sites from the attacks, even without fixing XSS vulnerabilities in the code itself.
How do you know if your site is infected?
For one thing, you will see links to banner82.com in the form of
<script src=http://www.banner82.com/b.js></script>
If you Google for banner82.com you’ll see thousands of sites that have been compromised.