Thursday, May 07, 2009

Another hack attack?

I am 90 percent sure that the NAC website is under another hack attack. In the previous blog “Hacking and Vandalisation of NAC”, I published the email that Prof. James Fetzer received from SiteGround on the excessively slow loading of pages. (Prof. Fetzer bought the domain name and web hosting with SiteGround of New York, rated the best web hosting company for 2007 and 2008.) SiteGround agreed with me that someone had written a script that made queries to an IP address located in ... Latvia!



What I discovered this morning is that when I go to the NAC homepage something is invoking Adobe Acrobat Reader. Another hacking, a trojan, a virus, a worm? A bit of investigation in Google and I find that a trojan called “gumblar.cn” contains several exploits and trojans that can harm your system, and that it starts its infection by invoking Adobe Acrobat Reader.

We haven’t been notified by SiteGround about any infection but I wonder if this new development is malicious – by attempting to have SiteGround pull down our website because in their view I am hosting a software or a program that may damage the operation of a computer. I am thinking here about the two times the NAC website has already been removed from the internet (see About us).