Servers of Australian Web Hosting Company Hacked to Push Website Ranking
Russian and Turkish hackers are reported to have exploited security holes in a web-hosting firm based in Melbourne to potentially corrupt hundreds of websites of Australian enterprises.
The online version of The Australian newspaper lately reported that a Russian hacking scam has hit a web host in Australia. MD Webhosting, http://www.mdwebhosting.com.au in Melbourne, confirmed that someone hacked into its servers and added malicious code to its customers' websites.
It was found that the scam used sophisticated techniques in which a number of links were embedded onto the infected pages of a website. These links are called 'link farms' and the act, 'link farming', is an exchange between reciprocal links and websites. With link farming, the target site's popularity apparently boosts with improvement in its ranking on search engines like Google and Yahoo!. In the Australian scam, the link farms linked to pharmaceutical sites that attempted to push up their ranking on Google.
According to estimated figures, the scam has affected 5%-10% of a total of 20,000 customers. Tom Najda, Business Services Manager at MD, admitted that the company's servers lacked the necessary securities and that absence of updated firewalls and up-to-date IP blocking systems in the company compounded the problem. Australianit published this in news on December 20, 2007.
Najda confirmed that the problem was solved in the fourth week of December 2007 and that the company had begun passing the solution to all its clients' servers expecting to complete the process by the first week of 2008.
One customer, Daniel Livingstone, who runs his Non-Government Organization (NGO) website www.adralas.org, is thinking about shifting his business to some other place. Livingstone said that such a huge number of files were infected that he had to shut down the site, and that it would take two days to reconstruct it. Australianit published this on December 20, 2007.
Vice President of development at CA (an enterprise security firm), Eugene Dozortsev, said that the attack has raised an alarm to many businesses. He said that there could be more attacks on the same hosting company or e-mail, or even to plant bugging technology. Australianit published Dozortsev's statement.
Related article: Server-Side Polymorphic Viruses Beat Standard AV Signatures
» SPAMfighter News - 07-01-2008