Eye On DNA Down
by Dr. Hsien-Hsien Lei
Posted June 25, 2007 in DNA in General
I got hacked last night. Everything should be running now but please let me know if you encounter anything wonky. Thanks!
FYI, the update from my host, Siteground.com (aff):
Hello Hsien-hsien,
We have carefully revised the issue in details and it turned out that the hackers used two different ways to infect customers websites.
The fist method is actually a program called MPack, also known as Trojan.Mpkit!html. This is a software that is being installed on a third party server, written in PHP and using a MySQL database to collect any statistics of hacked website and compromised end-user computers.
More detailed instruction about this malware can be found in the Symantec articles repository.
In addition to this, there is a movie, which explains the exact way this software works:
The second way of compromising a website is to use an unknown until the current moment bug in the cPanel control panel system. That bug is used to start the MPack program, which reflects into adding unwanted source code to your (any) website on the server.
The actual “infection” is a source code injection into any and all htm/html/php files on your account – an <iframe> HTML tag at the end of each PHP/HTML page. The frame itself includes a redirect to hacker’s server with the Mpack installed on it. The redirect is designed to be invisible to the visitors of the website. Once the request is sent to the hacker’s server, it analyzes the visitor’s computer and chooses which exploit to be forwarded to it.
Said in simple words – the attackers/hackers are trying to insert a simple source code into as many websites as possible. If they succeed, they infect the websites and all visitors to the websites will be potentially infected by the self spreading viruses/worms.
SiteGround always cares about the security of your website and about stopping these kind of attacks for the shortest possible timeframe. We have managed to find a workaround for this serious issue and we are currently working on developing a permanent solution. Here is what we have done so far:
1) We have managed to identify how the viruses/worms spread on websites.
2) We have managed to identify the “whole” within the cPanel software and have already notified it’s developers, who should be preparing a fix which will not allow that to happen again.
3) We have managed to create a custom script, which goes through all infected accounts and cleans the infected content. As a precaution, that script will be run automatically on a given period of time and will be also run on customer’s request.
At this stage, we strongly advise you to consider the following measures on your end:
1) Change all your passwords: SiteGround Customer’s Area, cPanel, website administration panel (if applicable), email passwords;
2) Run an antivirus scan on your local computer and make sure it is not infected with any kind of viruses.
I have just run the script to clean your site. If you see the virus warnings again, please post a ticket in the “Site Down” category.
Best Regards,
Anatoli D.
Senior Support Team
SiteGround.com

Related Posts:
No related posts
2 Comments
Sorry, the comment form is closed at this time.
Search Eye on DNA
- Genetic Genealogy on Faces of America
- DNA Network Tweet Cloud
- DNA{wesome}
- Genetics = Real Science
- Larry David’s DNA Test
- Lopez Tonight First Late-Night Show to Offer DNA Testing
- American Genes Don’t Exist
- Knowledge about Genetic Risk is Power or is it Fear?
- Murderer Gets Reduced Sentence Because His Genes Made Him Do It
- Video: Knome’s Ari Kiirikki Speaks with Medgadget
MOST POPULAR
- DNA Toys: Ben 10 and Digimon Digivice
- 100 Facts About DNA
- Salaries for Jobs in Genetics
- Fetal Gender DNA Tests Answer Common Pregnancy Question...Or Not
- What does DNA mean to you?
- Eye on DNA Interview: Dr. Tzung-Fu Hsieh of RedTracer DNA Test for the Red Hair Gene, MC1R
- Books About DNA: The Crime of Reason by Robert B. Laughlin
- Genetically Modified Organisms Bring in the Cash
- Navigenics Introduces Physician Portal and Annual Insight Service
- Parenting Children Using Genetic Tests
- People Who’ve Had Their Genomes Sequenced
09/29/2009 07:03 am
8 Comments - Larry David’s DNA Test
11/17/2009 02:52 am
1 Comment - 23andMe DNA Tests for $399, Down From $999
09/10/2008 04:33 am
6 Comments - Crazy Genetic Marketing Ideas
07/05/2008 09:14 pm
7 Comments - Parenting Children Using Genetic Tests
05/18/2009 02:09 am
4 Comments - Business of DNA
- DNA @ Google Answers
- DNA and Disease
- DNA and Genealogy
- DNA and the Law
- DNA Around the World
- DNA Fun
- DNA in General
- DNA Inventions and Gadgets
- DNA Lab Talk
- DNA Podcasts and Videos
- DNA Quotes and Excerpts
- DNA Testing
- Gene Therapy
- Genetic Engineering
- Genetically Modified Foods and Organisms
- Jobs Involving DNA
- Personalities with DNA
- Polls About DNA
RECENT POSTS
RECENT COMMENTS
CATEGORIES
ARCHIVE
- January 2010
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
RANDOMIZED BLOGROLL
- Genetizen
- SciGuy
- inkycircus
- John Hawks Anthropology Weblog
- Science With Me!
- Off The Road
- OMMBID Blog
- Evolution Minute
- GMO Africa
- Microarray Blog
| We comply with the HONcode standard for trustworthy health information: verify here. |




That sucks! I hope you’ll have everything running again smoothly soon.
x
Thanks, Rosie. It was an educational, but not fun, experience. AHHH!