Comments on: Has the Google redirector been hacked? http://furious-citizen.org/2008/08/has-the-google-redirector-been-hacked/ Rants, Rambles and Commentary about Economics, Politics, Technology, Cincinnati, and The United States of America Mon, 08 Sep 2008 22:46:13 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: adminhttp://furious-citizen.org/2008/08/has-the-google-redirector-been-hacked/#comment-3 admin Fri, 01 Aug 2008 07:03:11 +0000 http://furious-citizen.org/?p=36#comment-3 Good find! Any idea on how the site in question became infected with this? Good find! Any idea on how the site in question became infected with this?

]]> By: chmod007http://furious-citizen.org/2008/08/has-the-google-redirector-been-hacked/#comment-2 chmod007 Fri, 01 Aug 2008 07:00:57 +0000 http://furious-citizen.org/?p=36#comment-2 The site shown contains this obfuscated exploit code:window.status='Done';document.write('')The payload at 58.65.232.33, likely checks for a Google referrer, and only runs the malware if it is found, in order to increase its stealthiness. The site shown contains this obfuscated exploit code:

window.status=’Done’;document.write(”)

The payload at 58.65.232.33, likely checks for a Google referrer, and only runs the malware if it is found, in order to increase its stealthiness.

]]>