Comet Blog
Ramblings of Comet--Berkeley

More Hacked in the Green Zone

Thursday, May 29, 2008   09:52:00 AM PDT

May 28, 8:47 AM PDT (GMT-7)
So called "trusted" web sites are no longer trustworthy as I reported in my earlier blog:
Hacked in the Green Zone

The good news is that the San Francisco Chronicle reported on this on May 6, 2008:
Internet criminals gaining ground, experts say

The bad news is that I found a new problem. And I did not see that anyone else has picked up on the problem.

Here is what I found. On the morning of Tuesday May 27, 2008 the Daily Horoscope was hacked. Embedded inside of the description for each sign of the zodiac was a tag like this:

<script src=></script>

So if a Windows computer user clicked on his sign, then he would download some spambot, virus or who knows what from several web sites registered in China.

Essentially, the home computer is compromised and the hacker can do anything he likes with the machine.

Is the only web site to have this problem?

Heck no. Doing a google search comes up with over 200,000 hits.
Thousands of these websites are still infected!

Examples: (Don't go to these websites unless you are protected!)

How did this happen? I would like to know. Somehow hackers are compromising thousands of web sites like and changing their web pages.

What can the average home computer user do? Use the Firefox web browser with the NoScript add-on.

Another option is to just not use Windows, use Linux.

Update May 29 9:53 AM PDT

I reported the problem to and they flagged as a "bad" website. So if you do a Google search and try to click on an infected website, then a warning page appears first.

The "cause" of the infection appears to be by SQL injection into the Microsoft SQL server by use of custom variables to a web form input, the same old web cgi, client-server problems that have been around for decades.

Here is a technical description of the problem:

Back to Comet Blog.