Virgin's embarrassing weekend - website auditing software and trojans?

Pierre Sahores psahores at free.fr
Thu Apr 8 05:06:44 EDT 2010


Great post, Douglas, and yes, it's doable to design some useful software to
fit the described need using Rev. If you feel comfortable listing
the main functionalities such software needs to include, don't hesitate to
drop me a mail offlist. It's certainly a way to code such software
quickly.

Best Regards, Pierre

On 8 Apr 2010, at 02:07, Douglas wrote:

> OK, the subject got your attention. (or perhaps it just put this  
> straight into your spam or trash?)
>
> Honest, it's not quite what you think! It is quite a long story, but  
> it DOES have something to do with using RunRev - please bear with me.
>
> Britain's biggest cable network supplier VirginMedia had a little  
> problem last weekend, but they don't want anyone to know.
>
> Last Friday (2nd April) I discovered their website (virginmedia.com)  
> was littered in scripts that would start a malware trojan download  
> on to users' computers.
> I put in a report through their "security" system and expected it to  
> be looked into quite quickly.
> Then, 5 hours later, as nothing at all had happened on site and  
> users were presumably still getting infected I put a 2nd report.
> Then the next morning a 3rd report.
> Finally, I started informing the anti-virus companies in the hope  
> that they would force Virgin into action.
>
> I managed to get the warning systems for the Firefox and Safari  
> browsers which use Google info for blocking bad sites to block parts  
> of the site after getting Google to scan the site.
> See the Google report at http://google.com/safebrowsing/diagnostic?tpl=safari&site=help.virginmedia.com&hl=en-us
> - out of the pages scanned, 18 had bad scripts!
> I then sent a 4th report to Virgin "security" stating that I had to  
> go to the community due to their inaction.
> A few hours later, "closed for maintenance" notices started to go up  
> on large bits of the site.
>
> It took Virgin "security" 5 days to reply to my reports! (After the  
> site has now been cleaned and the bad pages rewritten.)
> I am now in the process of discussing security with the "security"  
> team. - possibly lucrative?
>
> Obviously, VirginMedia do not use any form of auditing software on  
> their website or they would have known that the infected pages had a  
> different checksum than the last time they were checked.
>
> I realise that there must be some form of proper auditing software  
> available for exactly this purpose.
> There are obviously complexities involved to allow for authorised  
> editing, adverts etc., but the basic framework would be fairly  
> simple wouldn't it?
> I don't want to start working on this if it has already been done a  
> thousand times already!
>
> Hence the reason for this post - has anyone already done a similar  
> app that you know of?
>
> Douglas
>
> ps. McAfee were rubbish, even having reported this to them and the  
> fact that their anti virus/malware system allowed the malware/trojan  
> to infect PCs. I sent them the URLs of infected pages, signed up as  
> a "SiteAdvisor" and reported the site.
> They STILL reported the site as safe all the way through on their  
> siteadvisor.com!

--
Pierre Sahores
mobile : (33) 6 03 95 77 70

www.woooooooords.com
www.sahores-conseil.com
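
The checksum audit discussed in the quoted message, as an added example that is not part of the original thread and is written in Python rather than Rev. It goes one step past a bare checksum by also inventorying script tags, so an authorised text edit and an injected script can be told apart; the function names, the sample pages and the host `cdn.invalid` are constructed for illustration.

```python
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlparse

class ScriptInventory(HTMLParser):
    """Collect external script hosts and hashes of inline script bodies."""
    def __init__(self):
        super().__init__()
        self.hosts, self.inline, self._buf = set(), set(), None
    def handle_starttag(self, tag, attrs):
        if tag == "script":
            src = dict(attrs).get("src")
            if src:
                self.hosts.add(urlparse(src).netloc or "(same-origin)")
            else:
                self._buf = []  # inline script: collect its body
    def handle_data(self, data):
        if self._buf is not None:
            self._buf.append(data)
    def handle_endtag(self, tag):
        if tag == "script" and self._buf is not None:
            body = "".join(self._buf).strip()
            if body:
                self.inline.add(hashlib.sha256(body.encode()).hexdigest())
            self._buf = None

def fingerprint(html):
    inv = ScriptInventory()
    inv.feed(html)
    inv.close()
    return {"sha256": hashlib.sha256(html.encode()).hexdigest(),
            "hosts": inv.hosts, "inline": inv.inline}

def audit(baseline, pages, allowed_hosts=frozenset()):
    """Return (url, new_script_hosts, new_inline_count) for each changed page."""
    findings = []
    for url, html in pages.items():
        # A page with no baseline entry is compared against an empty record.
        old = baseline.get(url, {"sha256": None, "hosts": set(), "inline": set()})
        now = fingerprint(html)
        if now["sha256"] != old["sha256"]:
            hosts = now["hosts"] - old["hosts"] - set(allowed_hosts)
            findings.append((url, sorted(hosts), len(now["inline"] - old["inline"])))
    return findings

# Constructed sample pages (not real site content).
GOOD = '<html><script src="/js/site.js"></script><p>Help</p></html>'
BAD = GOOD.replace("<p>", '<script src="//cdn.invalid/x.js"></script><p>')
BASELINE = {"/help": fingerprint(GOOD)}
print(audit(BASELINE, {"/help": BAD}))
```

A finding with no new hosts and no new inline scripts is a content-only change, which is what an authorised edit looks like; hosts passed in `allowed_hosts` (for example an advert network) are not reported as new.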








