« Security on AIR: Local file access through JavaScript | Main | Hacking Capitalism: electronic financial trading »

MPack Reveals Stingy Web Hosts

"According to reports, thousands of Web sites, predominantly in Italy, were recently compromised using the MPack malware kit, which contained iframe tags that pointed surfers towards hacker-controlled Web sites.

A security researcher at the SANS Institute's Internet Storm Centre says that only one of the Web sites hosted on the machine had to contain a vulnerable PHP script for the rest of the sites to become infected and often the root cause of the problem is when a Web hosting provider doesn't spend as much as it could on necessary hardware to add an extra layer of protective virtualization. The researcher adds that a good precaution to take is to make sure the hosting provider uses chroot or suExec, which ensures that individual Web sites are not compromised by others sharing the same physical server."

Article Link: http://www.thewhir.com/marketwatch/070507_MPack_Reveals_Stingy_Web_Hosts.cfm


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!