This week, we note that the hijacking of Blogger blogs, observed earlier this month, involving maliciously coded third party Blogger Gadgets, has resumed.
On a positive note, we see that Blogger has now taken responsibility of the problem.
Showing posts with label Blog Hijacks. Show all posts
Showing posts with label Blog Hijacks. Show all posts
Tuesday, March 23, 2010
Friday, March 5, 2010
Social Engineering Attacks Against Blogger Blogs
This month, we are seeing what appears to be the fourth identified social engineering attack against Blogger blogging, in as many months.
In December 2009, we saw a "blogoholic.info" hijack.
In January 2010, we saw a "smashingfeeds.com" / "searchinvented.com" hijack, most commonly involving a "Tweet This" accessory.
In February 2010, we saw a "sendptp.com" hijack, most commonly involving a "falling snow" / "falling hearts" (for Valentines Day) gadget.
This month, we are seeing a "deplayer.net" hijack, apparently involving various "visit counter" / "countdown timer" and "music accessory" gadgets.
Each month, some reports also mention gadgets identified in previous months, also redirecting to the hijack of the month URL. This makes the observed activity very likely to be part of an organised, persistent attack.
The most recently identified attacks use aggressively protected code, and may require manual de install procedures.
Please, be careful of any non Blogger accessory. If you (your blog) are the victim of any such accessory, and can identify where you got the accessory, or where it was recommended to you, your information could be valuable here.
It appears that some malware may be included in some gadgets installed by the Blogger "Add a Gadget" wizard. If you find removing any Blogger gadgets to provide you any relief, please report your findings in my article Some Hijack Malware Is Being Claimed To Be Blogger Provided. Your details, provided there, would be greatly appreciated.
>> Top
In December 2009, we saw a "blogoholic.info" hijack.
In January 2010, we saw a "smashingfeeds.com" / "searchinvented.com" hijack, most commonly involving a "Tweet This" accessory.
In February 2010, we saw a "sendptp.com" hijack, most commonly involving a "falling snow" / "falling hearts" (for Valentines Day) gadget.
This month, we are seeing a "deplayer.net" hijack, apparently involving various "visit counter" / "countdown timer" and "music accessory" gadgets.
Each month, some reports also mention gadgets identified in previous months, also redirecting to the hijack of the month URL. This makes the observed activity very likely to be part of an organised, persistent attack.
The most recently identified attacks use aggressively protected code, and may require manual de install procedures.
Please, be careful of any non Blogger accessory. If you (your blog) are the victim of any such accessory, and can identify where you got the accessory, or where it was recommended to you, your information could be valuable here.
It appears that some malware may be included in some gadgets installed by the Blogger "Add a Gadget" wizard. If you find removing any Blogger gadgets to provide you any relief, please report your findings in my article Some Hijack Malware Is Being Claimed To Be Blogger Provided. Your details, provided there, would be greatly appreciated.
>> Top
Subscribe to:
Posts (Atom)