Challenge
Help!
My website was recently infected, and I can't seem to get rid of the casino ads it is generating!
All I am se...
For further actions, you may consider blocking this person and/or reporting abuse
Good description. :)
I mean here in the example it's easy to spot, because it's not much code to scan, but in a real world project, it might not be that easy to spot after scanning hundreds lines of code.
There's really not much you can do except keeping a close eye on your site's network requests.
Even there, you need to ensure the domain will be rendered as punycode in the network tab.
To check it in the network tab also implies you are running the code, which is quite unsafe for malware, it may already be too late if the malware can execute itself.
A real attacker would need to change the code snippet on google site. Which is, let's be honest, impossible.
However, you indeed need to be really careful with the code you copy/paste from Internet.
The scenario I am expecting here is for a website to be infected, such as a WordPress blog having a vulnerable plugin or outdated version.
Once the website is compromised, the attacker can change the analytics code and it would be really hard to detect.
Creepy.
But good to know!
Since you discover this, maybe you can give us some solutions on how to prevent this? (I have zero experience in security btw)
Nice challenge idea, perfect explanation 👍
Thanks Antony.
My first time hearing about this. Would love to see more security posts.
Check out my profile to find more, I've got few security-related posts out already!