Java Script and Redirector
Types of malware champion the most common infecting internet sites in Indonesia is the type of Java Script and Trojan redirector like JS: Trojan.Script.AAL or also known as JS: ScriptIP-inf and Trojan Redirector. The few examples of malware actions are as follows:
Trojan Redirector if successful will infect directly access switch as shown in figure 1 and 2.
Figure 1, the initial process of transfer of infected sites Trojan Redirector
Depending on the wishes malware authors, if Redirector will redirect visitors to another site and the experiments conducted Vaksincom redirected visitors to a site that offers a slimming body. Still profit (profit continues: p) is not redirected to porn sites or sites that contain malware.
Figure 2, The access to government sites will then be transferred to the seller's site body slimming products.
How to JS: ScriptIP-Inf can infect internet server, most likely because it exploits vulnerabilities web server to embed itself and automatically it will show itself in the sites visited by injecting himself in certain parts of the site. (See figure 3)
Figure 4, the world's publicly traded companies that are victims JS: ScriptIP-inf detected by G Data Total Protection 2013 as JS: Trojan.Script.AAL
How to prevent it
Security is a process, and we could not buy safety / security. Proverbial padlock, you can buy a padlock art, but art that you should lock mounted on a strong fence to the correct method as the key should not be placed at random so that it can be taken / copied others. In addition, although the lock can not be tampered with, if the fence is weak thief could well result in from other parts of the fence / wall is weak.
In this case, Vaksincom advise webmasters to find a reliable hosting company on a regular basis and do maintain up webservernya. If you want to do yourself, make sure that all safety aspects are covered, both webservernya protection, DNS and others should also be a concern.
If your site visitors / users computer layman, Vaksincom recommend you to use antivirus program that has the ability to "Web Protection" (see Figure 5) because it proved capable of protecting you from malware threats that lurk in the browser (see Figure 6)
Figure 5, G Data Total Protection 2013's protection features to protect you from malware that lurks from browser
Figure 6, G Data Protection immediate action memblik Web site that contains malware and is compatible with Firefox, Chrome and Internet Explorer.
The list of 22 sites of Indonesia throughout the month of January 2013 were detected containing malware can be seen in figure 7 below. As at January 30, 2013, the majority of the site still contains malware and has not been cleaned. Some are calling the site administrator Vaksincom respond well and quickly anticipate malware infections on site management. This is important because it indirectly provide a site that contains malware threat to the visitors who could have been your customers (if you are a company), your people (if you are the government) or principal and your suppliers and this is definitely going to give a bad image to the image company / organization.
Figure 7, list several pages infected with malware in Indonesia January 2013
Souce : http://vaksin.com/, translate by Yohanes Gitoyo., S Pd. , January 30, 2013