back to article Trojan script gets stuck on superglue site

The website of Super Glue became bunged up with a malicious script earlier this week as part of a tricky problem that was only resolved on Wednesday. Prior to their removal of malicious redirection scripts, visitors to the world-famous adhesive maker's site were redirected to a site punting crud, Avast software warned. It …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Joke

    fixed that for you

    I think your commas in the wrong place. It should read :

    "redirected to a site punting crud Avast software"

    1. Anonymous Coward
      Boffin

      Clearly 2 people with no experience of Avast! software then

      as above

    2. Jean-Luc Silver badge
      Joke

      @fixed that

      I'd hazard that your dismissal of Avast is perhaps caused by unfamiliarity with Norton AV ;-)

      Lucky you.

  2. JakeyC

    Today I learned...

    ...that Super Glue is, in fact, a registered trademark and not a generic type of glue.

    I already knew about Sellotape, so I am disappointed in myself for not realising.

  3. Blain Hamon
    Unhappy

    Stuck on?

    Am I the only one disappointed that the superglue website didn't act as a honeypot and catch the trojan?

  4. Anonymous Coward
    Anonymous Coward

    I swear every time I hear these stories I look for one thing

    IP Address

    IP Netblock / cidr

    That's really all I care about.

    1. Anton Ivanov

      Why do you bother?

      Just block whatever SpamHaus blocks.

      With Squid you can use "acl external" and a small helper written in Net::DNS: take the URL, split out the name or IP, look it up, look up the spamhaus entry and if it is listed make Squid return a 40x. If you run a local DNS resolver on the Squid instance (which is a good performance tuning practice anyway) the performance penalty is negligible.

      This deals with 99.9% of scareware peddling sites because the "infected" web sites and "adverts" only redirect. The final delivery site is nearly always on a block of one of the major "black networks" which are all in SpamHaus. These are the ones that get filtered as a result of using this.

  5. Tom 7 Silver badge

    Avast

    is that the 'AV' software that thinks all Iframes are evil redirects?

    links are dangerous I tell you!!!!

    1. moiety

      IFrames do suck

      It's like ActiveX really - sure there are valid uses, but they are few and far between and the potential for naughtiness is huge. Best to just block them.

  6. Sir Barry

    I'm surprised no-one has said it yet

    Must be bad to get into a sticky situation like this.

    /coat

  7. EJ

    It's a wonder it took only 5 days

    According to Netcraft, the impacted site is ranked 1,139,437th of the most popular destinations. I'd hazard a guess that not many web surfers were exposed to said crud. In fact, I'm surprised anyone even noticed.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2019