Check Your Webpage for Hidden Code - RF Cafe Forums
Because of the high maintenance needed to monitor and filter spammers from the RF Cafe Forums, I decided that it would
be best to just archive the pages to make all the good information posted in the past available for review. It is unfortunate
that the scumbags of the world ruin an otherwise useful venue for people wanting to exchanged useful ideas and views.
It seems that the more formal social media like Facebook pretty much dominate this kind of venue anymore anyway, so if
you would like to post something on RF Cafe's
Facebook page, please do.
Below are all of the forum threads, including all
the responses to the original posts.
Post subject: Check Your Webpage for Hidden Code
Posted: Wed Jan 07, 2009 1:31 pm
Joined: Sun Aug 03, 2003 2:02 pm Posts: 878 Location: Erie, PA
I've got an interesting story for you that is
both surprising and at the same time not surprising. A couple
weeks ago, I received an e-mail from someone in Sweden informing
me that the website of a company I link to on RF Cafe was
triggering his firewall software. He said that although the
website appeared legitimate, there was something about it that
must not be right.
Knowing for a fact that the company
was absolutely reputable, I immediately began an investigation.
When I went to the company's website, the only thing that seemed
strange was that its relatively plain homepage took longer to
load than what I expected. My firewall software was not overly
concerned about it. So, I took a look at the HTML code. What I
found was shocking.
At the bottom of the code, just
prior to the closing </html> tag, was about 1,000 lines of code
that contained hyperlinks to hundreds of po rn and
pharmaceutical websites! I called the company and spoke to the
CEO. Understandably, he suspected that I was a loon, but I
managed to convince him to look at the HTML code. I could hear
his jaw hit the desk once he saw what I was seeing.
turns out that the ISP hosting the company website has been
infiltrated with rogue code that was automatically appending
that crap to web pages all over the server. I have not heard
back from the company since then, but I would not be surprised
if some sort of lawsuit is being pursued. Who knows how much
business was lost, and possibly company credibility has been
damaged, by the situation.
This is not my first
experience with such an occurrence. A similar situation occurred
a few years ago with another ISP. If you operate a website of
any sort, you would be well advised to use the View Source Code
option on your browser to verify that your page code has not
Whenever I report on something like
this, I always think back on the headline that I posted a couple
years ago where a high profile hacker/spammer in Russia was
discovered in his apartment with a hammer in his head. Something
about that scenario has a macabre appeal to it.