Hackers Attacked Santa’s Website

This year is risky for Santa Claus too, as StopBadware.org reported on December 21, 2006 that hackers targeted the site of a philanthropist who has the legal name of Santa Claus. They uploaded and iframe' onto the website that installed malware on the computers of the site's visitors.

The consumer advocacy coalition stopbadware.org said the man from Nevada approached it requesting to determine why his website was being shown within Google Inc.'s Website filters. They discovered that Santa's Website: Santaslink.net, had been hacked.

Claus, who describes himself a monk, runs the Santa's 'Bless the Children Tour', a program that advises children and is sponsored by a Lake Tahoe Episcopal church. The man with the white beard has traveled 15,000 miles during the past five months meeting with state and federal legislatures, state agencies, and houses of worship for the cause of health, safety, and welfare of children, especially those deprived of parents.

Stopbadware.org had originally singled out Santa's site as one with malicious content. Under the partnership between StopBadware and Google, when visitors were led to the children's advocate site via Google search engine, a warning pop-up alerted that there was risk entering the site.

When Claus approached StopBadware to find out what filtered his site, the organization did some investigation and said that someone sneaked into the site and embedded a badware link without the knowledge of Claus.

StopBadware developer Jason Callina wrote in a blog that Claus had contacted local experts regarding the issue but they could not identify the problem in the site, whereas StopBadware immediately spotted a little bit of code containing a badware link at the bottom of the homepage. The link was really an 'iframe' that would install badware onto visitors' machines through a JavaScript exploit.

The problem was quickly resolved, however, on December 22, 2006, the malware again appeared on the Website. According to Roger Thompson, CTO of Exploit Prevention Labs Inc., the Website was again downloading malicious software. The software exploits a flaw in Internet Explorer that Microsoft had fixed last August. This means the older versions of the browser with the flaw could pose risk.

Related article: Hackers Redirect Windows Live Search to Malicious Sites

» SPAMfighter News - 12/28/2006