Phoenix Computer Repair and Business IT Support | Expert Solutions You Can Trust
 
 
 

Computer Repair Experts in Phoenix, Arizona. my PC Techs Presents:

Tech Tips - Business IT Support Tips


RSS feed for my PC Techs news  RSS Feeds: Entries (RSS) and Comments (RSS)

Pages

Tech Tip Archives
Log in

Which Do You Use Most Often for Work?

View Results

Loading ... Loading ...

Websites are being taken over to gain control of your computer

There is a new computer exploit in the wild, one that allows hackers and criminal elements to inject code of their choosing into popular internet websites. Once this code has been injected to the unsuspecting website, and you visit it, your computer will become infected with additional code that allows the hackers to then gain control over your computer. What’s worse, you will probably never know that your computer is infected without the help of a computer security expert. Just by visiting websites on the internet you’re at risk. Once infected, your computer will be used by the hackers to remotely send spam, steal private data, purchase goods on stolen credits and perform other types of online crime. All of this will happen invisible to you, in the background, using your internet connection. When the authorities go to trace back the source of the crimes that have been perpetrated, they will see your IP address and mistake you as the criminal, because the crimes originated from your ISP, even though you had nothing to do with them!

There are basically two problems at work here. First, there is a problem with vulnerable Microsoft IIS web servers, along with Microsoft SQL and Active Server Pages (ASP). The problem is described pretty well over at Dancho Danchev’s blog. This is a SQL injection attack and it works on servers with website code that is poorly written and does not validate input passed via ASP forms to SQL server. There’s a pretty impressive (but partial) list of websites that are infected via this Google Link. Basically, the majority of websites in this list (and many, many more that aren’t listed) will cause your computer to become infected upon browsing to them. I do not recommend you browse to or visit any of the websites listed unless you are using the Firefox browser and have the noscript add-on installed. See my earlier post that links to and describes browsing the internet safely with noscript and Firefox.

Website owners beware. If any pages on your website have a script that looks something like this, you’re infected: “script src=http://www.nihaorr1.com/1.js” If you currently own or manage a website and are concerned about the possibility of your website being infected, contact Leo Polus today. We offer professional website services and can check your server for problems, cleaning up any vulnerabilities if found.

The second problem exists on the computers of individual internet users. It deals with the alarming rate at which Javascript is expanding into every website on the internet. You can hardly use a modern website on the internet without Javascript being enabled, and this presents a real challenge for Noscript. Noscript works when you use it sparingly, turning it on only for the most trusted of sites that you visit. Now, with the exploit taking over legitimate websites, even those sites that you think you can trust and enable scripting for could in fact contain malicious code that will damage your computer. Noscript is no longer a reliable security tool under these circumstances. In fact, noscript could actually be harmful, giving you a false sense of security on websites that you’ve always been able to trust but have since been exploited.

The best defense against this existing threat is the use of Windows Hosts files. I won’t go into the details of using Windows Hosts, there is already a lot of really good information on the internet that can tell you how to configure them. Personally, I’ve added both 127.0.0.1 nihaorr1 .com and haoliuliang.net to Windows Hosts and now I can feel a little bit safer. Exploits that take advantage of scripts on these websites will instead harmlessly bounce back to my local machine. There are plenty of other exploit websites you can find to add to a Windows Hosts file just by searching on Google.

If you are concerned about the security of your computer or your personal data, please contact a computer security professional at Leo Polus immediately to have your computer scanned, cleaned and protected.

 

Your feedback is appreciated. Leave a comment below:

 

 

Call (602) 456-0150 or email us admin@mypctechs.com
to schedule a FREE computer systems evaluation for your business.

Or click here to send us a message from our website.

 


 


WE WORK HARD FOR YOU, BUT DON'T JUST TAKE OUR WORD FOR IT!
We've helped over 1,000 satisfied businesses throughout the Phoenix valley, click here to view some of their testimonials:

computer tech support near mePhoenix Computer Repair Testimonials on Google My Business My PC Techsmy PC Techs on TwitterFacebook Page for my PC TechsTech Support by United States Citizens Based in Arizona
Home | Computer Repair Phoenix | Managed IT | Web Development | Testimonials | Contact | Privacy | Pay | Blog RSS feed for my PC Techs news | Site Map

Phoenix Arizona: 125 N. 2nd Street, Suite 533 Phoenix, Arizona 85004
Phone: (602) 456-0150 | Email: admin@mypctechs.com
©2010 my PC Techs is owned and operated by Leo Polus, L.L.C., concept by Andre Morris
 

Managed IT and Computer Repair services for these Arizona cities: Ahwatukee, Carefree, Cave Creek, Chandler, Chandler Heights, Fountain Hills, Gilbert, Glendale, Higley, Laveen, Mesa, Paradise Valley, Peoria, Phoenix, Scottsdale, Tempe

To learn how Managed IT and Computer Repair services can help your Phoenix area business save money and increase productivity, click here to visit Phoenix Computer Repairs.

my PC Techs | Expert IT and Computer Repair Solutions You Can Trust | (602) 456-0150