SABC Blacklisted by Google

Dominic White

 
Random Entry: 27 Dinner v1.3
< Chip & Spin | Blogging on TechLeader >

SABC Blacklisted by Google

I've been ranting about the SQL injections for a while now. While infecting your visitors with malicious software semi-silently generally doesn't put the pressure on the right people (i.e. the externality lies on the infected user not the infecting business), having your organisation blacklisted by Google shifts that externality. Here are the screenshots of Google warning me that the South African Broadcasting Company (SABC) may harm my computer. Check it yourself by googling 'sabc'. At the time of writing, the SABC had fixed the page.

Strangly enough, of the almost 100 other infected SA domains, the only other two South African domains blacklisted were:

  • gowerpower.co.za
  • 4hair.co.za and fourhair.co.za
  • saart.net

While we're at it, I've found the following *new* domains injected into SA sites:

  1. nihaoel3.com - 21 700 (International), 2 (Local)
  2. qiqigm.com - 80 500, 3
  3. woai117.cn - 5, 1
Finally, as a last, unrelated, poke in the eye, it seems the 'International Housing Research Network' a .gov.za site has had it's forums defaced (they've been contacted):


Monday, June 2. 2008
Posted by Dominic White in Security
Comments (3) | Trackbacks (0)

Last modified on 2008-06-04 08:36
 

Trackbacks
Trackback specific URI for this entry

No Trackbacks

Comments
Display comments as (Linear | Threaded)

#1 Dino C wrote (Link) (Reply)
Posted on Tuesday, June 3. 2008
Great post, I'm with you on the ranting. We have also tried to notify the SABC but were greeted with "there's no issues on our website". After we pointed them to an entire thread on mybroadband.co.za and how Google had blocked their page, things seemed to have changed slightly. In addition, last night we completed an analysis of the one they actually got hit with(which exploits swf, various versions of realplayer and microsoft xml vulns), we will be releasing it on our blog soonish(http://0mghax.blogspot.com).
 
#1.1 Dominic White wrote (Link) (Reply)
Posted on Tuesday, June 3. 2008
Nice one, I look forward to it. Glad to get your blog URL too, will subscribe and added it on the left. Know any other good SA infosec bloggers?
 
#2 Dino C wrote (Link) (Reply)
Posted on Wednesday, June 4. 2008
It's up, but a little bit messy on the blog because of formatting, but the PDF version is available! :) Unfortunately, not that many that I know of, but I will let you know if any come up. I popped in to your office yesterday for a meeting and checked to see if you were in your _specific_ office, but I think that you were off? :) See you soon though!
 

Add Comment

E-Mail addresses will not be displayed and will only be used for E-Mail notifications.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA