Major Sites Fall Victim to Web Hijack

How to run a Google search to check if your site has been infected.

Security company Finjan Wednesday reported it has found more than 1,000 sites infected by an attack toolkit called "Asprox," which exploits discovered flaws in a vulnerable site's programming to add hidden attack code. The attack code in turn searches for flaws on the PC of anyone browsing the site, and if any such holes are found it will download malware onto the computer.

I wasn't struck by the number - these days, 1,000 sites unfortunately isn't that many - so much as by the list of sites that Finjan says were hacked. My own city's site, which I've visited many times to pay parking tickets and the like, was nailed (though it's now clean). Snapple took a hit, as did the National Health Service in the UK and a wide range of other sites.

As with a previous SQL injection round, you can check to see if your site has been infected by running a Google search. Before you do, let me repeat a warning I wrote then:

IMPORTANT: DO NOT visit the domain named in the following test, or any sites that show up on a Web search as having this domain listed in their pages' code (including cached pages). Doing so could infect your PC with malware.

This time around, you'll need to run these three different searches, as the attack is inserting different code into different sites. In each case, substitute your site's domain (e.g., pcworld.com) for "yourdomain."

  • site:yourdomain "b.js"

  • site:yourdomain "ngg.js"

  • site:yourdomain "fgg.js"

When I ran those searches just now I turned up plenty of still-infected sites, so again, be extremely careful about visiting any of them. If your site turns up in search results, contact your IT department or hosting provider immediately.

Whether or not your site turns up, it's also a good idea to run the free Scrawlr tool from HP, which can check your site for the kind of vulnerabilities exploited by a SQL injection attack. It's quick and easy to download and run.

Also, for your own computer's safety, it's critical to keep all your software - not just the browsers and the OS - up-to-date with patches. Finjan writes that this attack kit goes after flaws in QuickTime and the AOL SuperBuddy as well as Windows.

For more on the assault, see Finjan's blog posting.
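Site owners who would rather check their own pages directly than rely on a search index can run the same test offline. The following is an added example, not part of the original article or Finjan's report: it scans HTML from your own site for script tags that load one of the three file names above from another host, which assumes the injected code takes that form. The function name, the sample page and the hosts `yourdomain.example` and `injected.example` are constructed placeholders.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
import posixpath

# File names taken from the three searches in the article.
SUSPECT_NAMES = {"b.js", "ngg.js", "fgg.js"}

class ScriptSrcCollector(HTMLParser):
    """Collect the src attribute of every <script> tag, whatever its case."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.sources = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            src = dict(attrs).get("src")
            if src:
                self.sources.append(src.strip())

def find_injected_scripts(html, own_domain):
    """Return script URLs with a suspect file name that load from another host."""
    collector = ScriptSrcCollector()
    collector.feed(html)
    hits = []
    for src in collector.sources:
        parsed = urlparse(src)
        name = posixpath.basename(parsed.path).lower()
        host = (parsed.hostname or "").lower()
        # Relative URLs and the site's own subdomains are treated as legitimate.
        external = bool(host) and host != own_domain and not host.endswith("." + own_domain)
        if name in SUSPECT_NAMES and external:
            hits.append(src)
    return hits

# Constructed sample page; "injected.example" is a placeholder, not a real indicator.
SAMPLE_PAGE = """
<html><body>
<h1>Pay a parking ticket</h1>
<script src="/static/b.js"></script>
<p>Permit info<script src="http://injected.example/ngg.js"></script></p>
<td>Item 12<SCRIPT SRC=http://injected.example/B.JS></SCRIPT></td>
<script src="https://cdn.yourdomain.example/app.js"></script>
</body></html>
"""

if __name__ == "__main__":
    for url in find_injected_scripts(SAMPLE_PAGE, "yourdomain.example"):
        print("suspicious script include:", url)
```

Run it against saved copies of your pages or a database export rather than the live pages of other affected sites, and note that the site's own `/static/b.js` is not flagged because it loads from the same host.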


Erik Larkin

PC World