rewritecond | DataProtectionCenter.com

GoDaddy shared servers compromised – .htaccess redirection to sokoloperkovuskeci.com

14

Sep

2011

We are seeing many sites hosted on GoDaddy shared servers getting compromised today (and for the last few days) with a conditional redirection to sokoloperkovuskeci.com. This is what it looks like on our scanner: Suspicious conditional redirect. Details: http://sucuri.net/malware/entry/MW:HTA:7 Redirects users to:http://sokoloperkovuskeci.com/in.php?g=1105 This is caused by this entry that is added to the .htaccess file […]

Category Security Written by Sucuri 0 Comments

WordPress sites with .htaccess hacked

18

Aug

2011

The TimThumb.php vulnerability is causing a lot of WordPress sites to get compromised with the superpuperdomain.com and superpuperdomain2.com remote javascript injection. However, that’s not all that it is doing. On many of the sites we are analyzing, the .htaccess file is also getting modified to redirect search engine and organic traffic to some russian domains. […]

Category Security Written by Sucuri 0 Comments

Understanding .htaccess attacks – Part 1

27

May

2011

Attackers have been using the .htaccess file for a while. They use this file to hide malware, to redirect search engines to their own sites (think blackhat SEO), and for many other purposes (hide backdoors, inject content, to modify the php.ini values, etc).Why do they use the .htaccess file? For multiple reasons. First, the .htaccess […]

Category Security Written by Sucuri 1 Comment

The Latest in IT Security

Posts Tagged ‘rewritecond’

GoDaddy shared servers compromised – .htaccess redirection to sokoloperkovuskeci.com

WordPress sites with .htaccess hacked

Understanding .htaccess attacks – Part 1

Categories

Featured

Archives

Latest Comments

About Us

Contact Us