Run, and Hide

Someone, via a SQL injection, infected this blog with an iframe linking http://googlerank.info/counter on every one of the pages. The location was at the very bottom of the post, and thanks to a tip from a visitor this was discovered last Sunday. Additionally, an iframe was located in the link to A List Apart. These were all removed on Sunday as the investigation began. The fool that placed the code even placed it on drafts and protected pages, which is a clear sign of a SQL injection by a script (kiddy).

The logs are being checked, passwords changed, and software updated. Additionally, a nice CSS entry will now highlight any iframes on this page for anyone that isn’t using IE6 (IE7 should work). If you see a big red box with dashed black border on this site, let me know, as that is an iframe and should not be there. The kiddy will be caught and I’ll make sure his life is ruined.

-John Havlik

[end of transmission, stay tuned]
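
The same check can be run over stored post content instead of waiting for a visitor to spot the red box. This is an added example, not part of the original post: it scans every post row, drafts and protected pages included, for iframes whose host is not on an allowlist. The row layout, the sample rows, the allowlisted host `video.example.com` and the function names are assumptions made for the illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Hosts permitted in iframe src attributes (assumption: none unless listed).
ALLOWED_IFRAME_HOSTS = frozenset()


class IframeFinder(HTMLParser):
    """Collects the src of every <iframe> in a fragment of post HTML."""

    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names, so <IFRAME SRC=...> matches.
        if tag == "iframe":
            self.sources.append(dict(attrs).get("src") or "")


def find_injected_iframes(posts, allowed_hosts=ALLOWED_IFRAME_HOSTS):
    """Return (post_id, status, src) for each iframe whose host is not allowed.

    Rows are scanned whatever their status, because the injection described
    in the post also reached drafts and protected pages.
    """
    findings = []
    for post_id, status, content in posts:
        finder = IframeFinder()
        finder.feed(content)
        finder.close()
        for src in finder.sources:
            # An iframe with a missing or unparsable src has no host and is flagged.
            host = (urlparse(src).hostname or "").lower()
            if host not in allowed_hosts:
                findings.append((post_id, status, src))
    return findings


# Constructed sample rows in a hypothetical (id, status, content) layout.
SAMPLE_POSTS = [
    (1, "publish", '<p>Hello</p><iframe src="http://googlerank.info/counter"></iframe>'),
    (2, "draft", '<p>Unfinished</p><IFRAME SRC="http://googlerank.info/counter"></IFRAME>'),
    (3, "private", '<p>Links: <a href="http://example.org/">example</a></p>'),
    (4, "publish", '<p>Video</p><iframe src="https://video.example.com/embed/1"></iframe>'),
]

if __name__ == "__main__":
    for post_id, status, src in find_injected_iframes(SAMPLE_POSTS, {"video.example.com"}):
        print(f"post {post_id} ({status}): unexpected iframe -> {src}")
```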