> I got a Google News email notice a few minutes ago of an article that > sounded interesting from svg.org. It was published today. > <http://svg.org/section/Diary>. I started reading, decided to click on > a link, and was transported to a porn site. In checking further, it > looks like nearly all of the hyperlinks on the page lead to different > porn sites. But this is a serious organization and the article deals > with a serious subject in a serious way. It seems unlikely that the > author submitted the article with the porn links in it, particularly > because many of the links from comments posted on the page also point > to porn sites. > > I've sent the site admin an email about it, but I started wondering > what kind of security hole might enable a porn link spammer on a > production basis to gain access to a web site's content and > automagically substitute URLs in content hyperlinks. Any new known > malware tools out there for doing this kind of thing on a production > basis? I['ve never encountered anything like it before. My sniff is > that this is something done by a person who spends all day doing the > same thing around the web.
It looks like they probably hacked a style sheet or put in a chunk of php code to alter common words and add links to the porn sites. > I know I would not be a happy camper if all the links on my site > suddenly became links to porn sites. So I'm interested in > double-checking my security against any known new exploit that might > have been used to trash that site. Of course I can't rule out that a > site admin is is playing a joke on the author of the article. This looks more like someone outside playing a prank. A bit more subtle than the usual defacement. _______________________________________________ EUGLUG mailing list euglug@euglug.org http://www.euglug.org/mailman/listinfo/euglug