back to article Trojan script gets stuck on superglue site

The website of Super Glue became bunged up with a malicious script earlier this week as part of a tricky problem that was only resolved on Wednesday. Prior to their removal of malicious redirection scripts, visitors to the world-famous adhesive maker's site were redirected to a site punting crud, Avast software warned. It …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Joke

    fixed that for you

    I think your commas in the wrong place. It should read :

    "redirected to a site punting crud Avast software"

    1. Anonymous Coward
      Boffin

      Clearly 2 people with no experience of Avast! software then

      as above

    2. Jean-Luc
      Joke

      @fixed that

      I'd hazard that your dismissal of Avast is perhaps caused by unfamiliarity with Norton AV ;-)

      Lucky you.

  2. JakeyC

    Today I learned...

    ...that Super Glue is, in fact, a registered trademark and not a generic type of glue.

    I already knew about Sellotape, so I am disappointed in myself for not realising.

  3. Blain Hamon
    Unhappy

    Stuck on?

    Am I the only one disappointed that the superglue website didn't act as a honeypot and catch the trojan?

  4. Anonymous Coward
    Anonymous Coward

    I swear every time I hear these stories I look for one thing

    IP Address

    IP Netblock / cidr

    That's really all I care about.

    1. Anton Ivanov

      Why do you bother?

      Just block whatever SpamHaus blocks.

      With Squid you can use "acl external" and a small helper written in Net::DNS: take the URL, split out the name or IP, look it up, look up the spamhaus entry and if it is listed make Squid return a 40x. If you run a local DNS resolver on the Squid instance (which is a good performance tuning practice anyway) the performance penalty is negligible.

      This deals with 99.9% of scareware peddling sites because the "infected" web sites and "adverts" only redirect. The final delivery site is nearly always on a block of one of the major "black networks" which are all in SpamHaus. These are the ones that get filtered as a result of using this.

  5. Tom 7

    Avast

    is that the 'AV' software that thinks all Iframes are evil redirects?

    links are dangerous I tell you!!!!

    1. Anonymous Coward
      Anonymous Coward

      IFrames do suck

      It's like ActiveX really - sure there are valid uses, but they are few and far between and the potential for naughtiness is huge. Best to just block them.

  6. Sir Barry

    I'm surprised no-one has said it yet

    Must be bad to get into a sticky situation like this.

    /coat

  7. EJ

    It's a wonder it took only 5 days

    According to Netcraft, the impacted site is ranked 1,139,437th of the most popular destinations. I'd hazard a guess that not many web surfers were exposed to said crud. In fact, I'm surprised anyone even noticed.

This topic is closed for new posts.

Other stories you might like