Select Website 

Recruitment Directory's Blog - Australia's #1 Recruitment Technology Blog!

Back to Menu Back to Menu

How secure is your Recruitment website? Part 3 - Hidden iframe injection

Posted By: Thomas Shaw, 6:06pm Thursday 18 June 2009    Print Article

A new malware attack has been making the rounds recently. It has infected a number of recruitment web sites, job boards and hosting servers. If you suddenly find that your website is triggering your anti-virus software and flagging it as a “dangerous site”, the culprit may be the hidden iframe injection hack.

These types of attacks can cause great harm to your website’s reputation as people are unlikely to ignore the stern warning. Often site owners are bemused as to why this is happening. What is causing their sites to behave in this way and as the webmaster what can you do to remove the warnings from the search results?

In the majority of cases the warning results because hackers have injected code into your website code. This is usually in the form of an iframe, or a web-page within a web-page. To avoid detection, the iframe is made to have a size of 1px, and is then set to be invisible using CSS.

Most malicious domains used in this attack, are blacklisted by Google. And if your site is infected it may also be blacklisted. The Safe Browsing diagnostic page in this case will say something like:

"Malicious software is hosted on 1 domain(s), including..."

If your site becomes infected, contact both your webmaster and your hosting company immediately.




If your website is ever flaged as malicious here are some steps to fix it and resubmit for validation.
  1. Start with your own computer. Scan it with anti-virus and anti-spyware tools.
  2. Once you are sure your computer is clean, change all site passwords - computer, server, website, network.
  3. Keep the new passwords secure. Don’t use auto-upload features of your web site editors. Enter passwords every time you upload new content instead. Use SFTP instead of FTP if possible.
  4. Remove the malicious code (the iframes code) from the infected files on the server. The easiest way to do it is upload a clean backed up version.
  5. Check the server, directory and file permissions. Make sure your settings are correct!
  6. Scan your server directories for any new/suspicious files (don’t forget to check hidden files). Remove anything that should not be there.
  7. If your site was flagged by Google, request a malware review via Webmaster Tools. (read this blog post)
  8. Regularly check your site with diagnostics tools to be sure your site is clean.

Did you know that Twitter checks all URLs before allowing you to post?




Article URL: http://www.recruitmentdirectory.com.au/Blog/how-secure-is-your-recruitment-website-part-3-hidden-iframe-injection-a210.html

Article Tags: virus ahri hrcareers.com.au iframe injection malicious code recruitment websites job board security hacking insecure twitter malware

Comments Hide Comments (0)

Feel free to join in on the conversation. All comments are moderated before publishing. Comments posted by subscribers don't necessarily reflect the views of Recruitment Directory.

Your Name: * Required
Your Email Address: * Required
Website URL:
Comments: * Required
Refresh
Enter the code you see in the image above (case sensitive). Click on the image to refresh it.
 


Back to Menu Back to Menu



Random Blog Articles

Recruitment Blogs
Published: 1:10am Thursday 16 July 2009

It's becoming harder to find appropriate candidates
Published: 9:00am Tuesday 28 September 2010

Linkme infestation
Published: 1:29pm Monday 23 February 2009

What Thomas is reading - 7th Dec 2008
Published: 2:52pm Sunday 07 December 2008

Silly mistakes
Published: 3:25pm Friday 07 September 2012