Watch Out For the <b1> Hack Tag...

4 replies
There is a new Hack on the loose...

You'll want to "View Source" on your sites to look for a suspicious <b1> tag with odd characters between it...

Something like this:

<b1><!--m8ghGhjjak78ksOgCAMBcATQSH+ziP6FBNrCdbUeHrduJvFEB9 KOtYVGhpquiG2PZmZ5+3BztAss5+EyZBokkPxfSvup2YwTkr7B ZfkdiHSIqKovuTyAgHeIWs=--></b1>

Rackspace is currently doing an investigation on this...because it has infected some of their client's sites.

Here was one of their descriptions for this tag:

The data between the tag is random characters followed by the path to the current file both base64 encoded and compressed. This is quite harmless, but my expectations is that the current tag is a proof of concept that will be eventually sold on the black market to profit from pay-per-click links that can be embedded.

So essentially, a bot is going around looking for files that are not "locked down" and then writing code on the site for the purpose of selling the concept to someone who would use it to serve advertisements on your site...

Hope this helps,
Jack Duncan
#<b1> #<b1> #b1 html #b1 tag #hack #hacker #tag #watch
  • Profile picture of the author mmurtha
    Hey Jack,

    Thanks for posting this info.

    Personally, hackers are coming to an all time low these days.
    {{ DiscussionBoard.errors[1346955].message }}
  • Profile picture of the author JamesRad
    Originally Posted by Razer Rage View Post

    Interesting. But this is only one of many. There are new hacks coming out every day. It's almost impossible to keep up with it all.

    That's why common sense is your best defense.

    I totally agree they will always be one step ahead of us, I always run periodic backups of my sites to ensure I have all the data to simple do a full site reinstall if ever needed.

    {{ DiscussionBoard.errors[1346958].message }}
  • Profile picture of the author BrandonHimb
    {{ DiscussionBoard.errors[9729818].message }}
  • Profile picture of the author KirkMcD
    Really, you resurrected a 5 year old thread to say thanks?
    {{ DiscussionBoard.errors[9729955].message }}

Trending Topics