Thursday, September 10, 2009

I am alive

A symptom of malware infection is often browser redirects- that's when the page you see isn't the page you asked for. It's usually something subtle- a page that looks just like your Internet banking page, but is actually an attempt to steal your password, or a Google search which displays injected malicious links.
Here's an example of an unexpected and mysterious redirect from the Ubuntu forum. The redirected page reads simply "I am alive", apparently the result of a router DNS hijack.
Is it a joke? Perhaps not. Could it possibly be the result of an error on the cyber villains' proxy server, which sits between you and the web site you intended to visit- "I am alive" is a message sent between routers on a network. My best guess is that the victim was never intended to see this message and has received an internal network message in place of a phoney web page.
The moral of the story is: when investigating possible browser redirects, don't neglect to check the router, and all other computers on the network.

No comments:

Post a Comment