How to protect your casual surfing from hacked and exploited web servers.
Here's one for you: while I was surfing Xtreme Computer Images, I found a few RC helicopters in the mix and thought that they looked really cool. I clicked on one and bang! AVG LinkScanner warning.
Now don't follow the image gallery clicking on RC helicopters because you might not like the results.
Here's how my window looked:
If you look closely at the link you can see the words xtreme-pc-software. That has nothing to do with anything I have and the only reason I found it was when I did my normal "Search yourself to find others leeching". (That's what site owners have to do from time to time to keep others from completely plagiarizing your content.)
When I saw an RC website offering up a download if you clicked the link from Google Image Libraries, I thought it was enough to fuel a quick article about why it's important to know instead of surfing with your head in the sand. Would I have known about this exploit if I didn't have AVG LinkScanner? I'm going to say no, but later I'm sure I would have known when something was wrong with my workstation.
At least the webmaster offered an email. Now the question is: will I be spammed because of their hacked website, or are they offering up this virus because they believe in share and share alike?
Here's the information link to AVG about the Exploit Phoenix Exploit Kit.
You can see the site in question has a report about the exploit activity here.
If you look on the page you'll find Websites Affected, Host Countries and Victim Countries.
Now, ask yourself: why would someone leave this virus on their website?
Many sites are abandoned; others just don't have a good group controlling them.
I'm sure AVG emailed them, but to be sure I sent them a note and posted here, as well as reported the images in Google.
It's hard enough to keep your computers clean; you don't need websites that you would think are good sites infecting your computer.
When the Webmaster replies I'll pull the references down and send a note to AVG so they can test.
Until that time, I'd suggest finding your Helicopter images on another website.
Have a Safe and LinkScanner Alert Free Day!
Technical Note: By including additional notices, the site owner might actually get a phone call from one of the site's members. It's important to exchange information, and I'm sure this site has had many emails sent. It has been reported for 7 days and is still active. I do feel for them, but I feel for the people that now have an Exploit installed.
If you need to test LinkScanner, you can download it from AVG's website: go to www.avg.com and search for "LinkScanner free download", but download it only from their site.
Here's the direct link to the Free LinkScanner. (But, because you're clicking on a link from a website, you should have LinkScanner installed before that so you know it's safer.)
LinkScanner works like a cache proxy in that it reads ahead to see if the link is on their list. Active Virus Scanner is different in that it reads the virus the site tries to download.
I'll go over and pull some of AVG's and other AV software vendors' information about how you can keep your systems running clean and safer.
But, in closing, AV software is only as good as its updates and its guesswork. There is no simple solution for complete protection. It's impossible to know every new virus that is released. Well, almost impossible; you'd have to write the viruses to know them, and we know that's not what happens, well, not all the time.
If you know website design or how web servers work, you can attempt to contact the owner of the site. The site I reference here was sent emails and still offers this exploit malware on every image linked in Google's Image Gallery. With that said, Google has reported it.
You can do the same and Google will test and remove infected sites. They have a Webmaster tool just for this type of issue.