Website hacked and defaced with hidden iFrame...

polonus · 2016-12-10T22:19:21.000Z

Re: http://killmalware.com/bobsticker.com/#
-https://aw-snap.info/file-viewer/?tgt=http%3A%2F%2Fbobsticker.com%2F&ref_sel=GSP2&ua_sel=ff&fs=1
Hidden iFrame:

</ht

Defacement hack:

Suspicious
XXXfzv0htfnrm7wqskonhowkaqavhjg">hacked by abdellah elmaghribi
<div class=“kv” style="margin-bottom:

And again GoDaddy abuse: http://toolbar.netcraft.com/site_report?url=http://bobsticker.com

polonus

Secondmineboy · 2016-12-10T22:29:27.000Z

http://prntscr.com/dhv4as

No wonder its haclked on that outdated stuff…

polonus · 2016-12-10T22:57:00.000Z

Hi Steven,

That is what you get when websites are treated as cash-cows by hosters and security is not a first priority: For that apache server version exploit: https://hackerone.com/reports/66929

Due for instance to insecure handling of the HTTP headers, and with PHP.cgi for that version you are food for the birds
through remote code execution.

Read on Kaspersky’s analysis = -https://threatpost.com/new-exploits-arrive-for-old-php-vulnerability/104881/
(I decided to block that link as too much of customized XSS malware code is shown and comes flagged by my Malware Script Detector v.v.1.1.), so be warned before visiting this link.

polonus

Announcements