Thursday, February 19, 2015
Webroot reports on (political) hack threats to share-hosted sites; Facebook friend request spoofing seems more sophisticated now
Webroot is advising webmasters that there is shelf software in the underworld that criminals can use to hack sites on shared hosting servers. It has to do with “account privileges” and use of FTP and SSH, and “iframe embedding” (that’s how Youtube videos are embebdded), link here.
I don’t pretend to understand all the coding details shown here.
However, people who use regular shared hosting and use FTP to update content should be aware of the risk, and spot check and monitor their sites, especially more obscure or less-used or older links, periodically. It wasn’t clear if Windows or standard Unix hosts were more at risk. Such hacks might be politically motivated instead of money schemes. I had one such hack, in April 2002, on a Unix site no longer active, on a passage dealing with 9/11 and nuclear weapons threats.
I’ve also noticed that sometimes I get fake Facebook comments or friend invites, which could contain malware. Today I got an email offering a friend request, even from a Facebook email, but there was no such request when I went to Facebook and the person did not exist on Facebook. The cursor test had passed, so this might be a more sophisticated hack, involving redirection. I don’t know how Facebook goes after this abuse.