April 18, H Security – (International) Google warns the operators of thousands of hacked web sites. The head of Google’s Webspam team announced that Google sent out a message to the webmasters of 20,000 sites informing them their sites may have been hacked. In the e-mail message, the firm warned operators that the affected sites appear to be being used to redirect visitors to a malicious site. Google asked the site administrators to check the files in their Web space for an eval(function(p,a,c,k,e,r) JavaScript code segment. The eval() function can be used to execute JavaScript character strings that may have previously been decrypted using an unpack feature. Google also warned of specially crafted .htaccess files. These may cause a file to be redirected only in certain circumstances, for example, when a visitor accesses the page via Google. Consequently, regular visitors to a site, such as the webmaster, will be unaware of the infection. The e-mail contains a link to Google’s Webmaster Tools support page with instructions designed to help webmasters clean up their sites. Administrators were also being asked to close the security hole that was exploited to infect the site.
