Cyber – attacks with fake antivirus message repelled by Marine sites
by TetraMedia on 22 Sep 2010
SW
As the Internet becomes the entertainment news and commercial focus worldwide, attempts by cyber-criminal groups continue to disrupt business.
In the last 36 hours many thousands of major sites worldwide from Government, financial, news and entertainment sites have been targeted by hackers apparently looking for financial records and credit cards records.
The modus operandi has been to inject rogue scripts into sites via submit forms and searches, which then triggered a false Trojan virus alert.
The presence of the Trojan virus alert on Google index searches flagged to the cyber-criminals they had stage one success and from that point they have been launching more concentrated efforts to access extra database content from the sites.
Richard Gladwell, a 30 year IT veteran and the Editor of Sail-World New Zealand, part of the 17 websites in the TetraMedia Marine group of sites that includes Sail-World Racing and Cruising sites in the USA, Canada, UK, Europe, Asia and New Zealand and Australia commented today 'We've experienced five waves of attacks over the last 36 hours.
'Because we are a 24x7 operation, within minutes of each attack, our IT teams took the entire network down to reduce the number of consumers scared by the false Trojan virus report.
'In fact consumers around the world visiting the thousands of affected sites have been and are still discovering they do not have a virus. Site visitors just needed to close down and restart their browser or reboot their computers to be rid of the annoying message from all the affected sites worldwide.'
He continued: 'The virus message is persistent, sometimes stopping you shutting down your browser, so the next step is to use the Windows Task Manager (press the Ctl Alt and Delete keys to stop your browser that way). Other work won't be affected. To the viewer it is just nuisance value.'
The people most affected are the Sail-World, Powerboat-world and MarineBusiness-World Editors, he explained. 'After running full virus checks on all PCs we use to make doubly sure, we have just had to put up with the hassle from the hackers and work around it.
'Our existing security systems across all our Sail-World, Powerboat-world and MarineBusiness-World sites prevented anything other that these annoying message placements and the perpetrators were unable to access any data within the sites.
'Following industry standard procedures our sites don’t keep an financial data or credit card information online, so the attacks were futile anyway but for the group who has send these automated hacking attacking systems world-wide, its purely a numbers game as there are obviously sites that do keep critical information on line.
'Meanwhile we closed all access points to the websites, via forms and searches and painstakingly built in multiple layers of extra protection for these more sophisticated attacks.
'For the past six hours we’ve been trying very hard to ‘hack’ our own sites using the newly developed hacking methods, with ever decreasing success and will now begin to cautiously re-open all the forms and searches across the sites.
TetraMedia Publisher Rob Kothe summed up. 'We regret the inconvenience for the few hundreds of visitors yesterday and today to our Sail-World, Powerboat-World and Marine Business World sites, who happened to be on our sites, when each of these attacks was launched.
'They, just like us, initially believed the messages which trigger responses in all the major anti-virus programs warning of viruses, and sensibly ran anti-virus checking software with a zero result.
'The prompt closing of the sites upon these attacks meant that tens of thousands of our visitors did not receive their daily news fix, nor their newsletters, but they were spared the misleading fake virus messages.
'Our core IT team in Sydney and Canberra Australia, with help from editors world-wide have been able to stay ahead of this latest group of hackers, with some fast action and a lot of night time hours!
'We look forward to the resumption of normal service across our sites over the next four to 12 hours.
'Across the month we will have more than 180,000 visitors who will read almost 1,500 marine news stories and hopefully they will read only one story, this one, about the failed cyber-attack on our marine news sites.'
If you want to link to this article then please use this URL: www.sail-world.com/74914