Tuesday, February 17, 2009

amphoe.com blocked by Google

Seems like the webmaster of amphoe.com did not learn much from last year, when their site was hacked twice and redirected to some evil websites. Now my Firefox even greeted me with a big red warning when I tried to open amphoe.com
The details on this security alert - which was discovered by Google - include the following
Of the 60 pages we tested on the site over the past 90 days, 8 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2009-02-12, and the last time suspicious content was found on this site was on 2009-02-10.

Malicious software includes 54 adware(s), 1 trojan(s). Successful infection resulted in an average of 1 new processes on the target machine.
Some month ago even the Ministry of Defense was blocked like that, and guess what: it still is! Is FireFox not spread enough in Thailand to make enough people notice it and giving the webmaster the loss of face they deserve? I mean, that a small municipality of a few thousand people cannot have a fully qualified webmaster and thus may have their website get hacked unnoticed is something I could understand, but a ministry? And not noticing it for three months - well, at least since December 2nd Google did not find anything bad anymore. I just hope the webmaster of amphoe.com can at least clean up the mess again this time - it seems the site is working right now, but I wouldn't suggest opening it with Internet Explorer and without a decent virus scanner.

Update February 25th
Now the warning screen no longer show, but in fact the site is still compromised. Typing a URL directly in the browser works, but when clicking an external link towards amphoe.com I often end at the malware site leshik.info. Webmaster, please do your work correctly before asking Google to remove the warning!

No comments: