Attack Sites.
I have come across very strange events during the last two days. Yesterday, Google Diagnostics advised me that http://www.pf-armenia.org/, Policy Forum Armenia, was an attack site and advised me not to go there.
Today, blog.oneworld.com, Armenia and the South Caucasus Knot, was similarly flagged.
What's going on? As far as I am concerned, these two sites are legitimate and their authors are not after stealing personal data or installing malware on the users' computers.
Update: Onnik informs that blog.oneworld.am was not infected. There were a few hacked files on the oneworld.am domain that have since been cleaned up. More information is available at http://517design.livejournal.com/262008.html.
Today, blog.oneworld.com, Armenia and the South Caucasus Knot, was similarly flagged.
What's going on? As far as I am concerned, these two sites are legitimate and their authors are not after stealing personal data or installing malware on the users' computers.
Update: Onnik informs that blog.oneworld.am was not infected. There were a few hacked files on the oneworld.am domain that have since been cleaned up. More information is available at http://517design.livejournal.com/262008.html.
8 comments:
I saw that as well, I think yesterday--and I am 99.9999% sure that Onnik is not a threat ;)
There's been something going on with Russian hackers in Georgia, maybe it has somehow spilled over since he has Georgia in his blog? Anyway, hope it's fixed quickly!
http://www.informationweek.com/news/security/
cybercrime/showArticle.jhtml?articleID=209400218
i got the same thing when going to the Policy Forum Armenia site. hackers, but don't know how to address with google...
PFA's website has been hacked after we posted the Election Report. Attempts to fight the virus have so far not been successful. We are working on it though. Please don't give up on us and stay tuned for the Armenian version of the Report. PFA Admin
when visiting the pf-forum site my antivirus (Symantec) detects the following:
http://securityresponse.symantec.com/security_response/writeup.jsp?docid=2007-100915-0239-99
http://securityresponse.symantec.com/security_response/writeup.jsp?docid=2008-062316-3633-99
Please ask your hosting company (BAREFRUIT LTD) to virus scan your directories. It is possible you uploaded an infected file.
Hi Nazarian,
Yeah, it looks like someone hacked oneworld.am (but not blog.oneworld.am) and added malicious javascript code to some of my files which linked to a malware russian site.
Not sure who did it or why, but I hope now I've cleared the code from oneworld.am (blog.oneworld.am was always 100 percent safe) I hope Google will change the warning.
More info at:
http://517design.livejournal.com/262008.html
Onnik,
thanks for the update.
Thanks to Google for removing the warning on their search pages. They were quick to reassess my site after the problem became evident.
http://www.google.com/safebrowsing/diagnostic?site=http://www.oneworld.am
Apologies to all who might have been concerned by the warning. Again, I am still unsure as to how the malicious code was inserted and more importantly, who was responsible.
PFA Site is still listed as suspicious and I would recommend them to take a look at Google's analysis in order to rectify the problem.
http://www.google.com/safebrowsing/diagnostic?site=http://www.pf-armenia.org/
Post a Comment