defacement in the web today

current trends and examples of website defacement *warning: links to mirrors of hacked sites may contain malicious code*

Monday, July 10, 2006

Google searches inside executables

Seems Websense has actually done something other than block every other website on the net. In the last month they have managed to find 2000 malicious sites using Google's binary search. The search allowed them to look inside executables (.exe) code and determine if some of them were trojans. Many of these were posted as something helpful on forms and newsgroups hoping to lure users into running them. Hopefully sites are aware that they might unknowingly have malicious code posted to their site if they have a forum or wiki setup. If a security company can use google to find this malicious code so should the webmasters. A Google search of "Signature: 00004550” will result in many different executables and viewing a result as html will allow you to see some information about that executable. I would suggest searching your own site to make sure you don't have any executables you're not aware of that could have been remnats of someone hacking/defacing your site. "site:yoursite Signature: 00004550" should do the trick.


Post a Comment

<< Home