Infected web servers

The article "Modern Internet attacks" is provided by Sophos Plc and SophosLabs.

August 2007

There are several viruses based on altering HTML files and scripts (PHP, ASP and other). Fujacks [44] and [45] Pardona families change such files by embedding iframe tags. Both families were designed for the Windows platform, so their scope is limited to a subset of servers. However, because Microsoft IIS [46] is used by more than 30% of servers, the potential threat presented by these families remains real. It can be proved by the fact that in 2007 SophosLabs detected many pages infected by these viruses. A curious side effect of these viruses is that they also add iframe tags to other types of files (for example, GIF images). Such files are usually secure (the author isn't aware of any graphics software that can interpret the attached tag as an HTML code).