Select Website 

Recruitment Directory's Blog - Australia's #1 Recruitment Technology Blog!

Back to Menu Back to Menu

How secure is your Recruitment website? Part 3 - Hidden iframe injection

Posted By: Thomas Shaw, 6:06pm Thursday 18 June 2009    Print Article

A new malware attack has been making the rounds recently. It has infected a number of recruitment web sites, job boards and hosting servers. If you suddenly find that your website is triggering your anti-virus software and flagging it as a “dangerous site”, the culprit may be the hidden iframe injection hack.

These types of attacks can cause great harm to your website’s reputation as people are unlikely to ignore the stern warning. Often site owners are bemused as to why this is happening. What is causing their sites to behave in this way and as the webmaster what can you do to remove the warnings from the search results?

In the majority of cases the warning results because hackers have injected code into your website code. This is usually in the form of an iframe, or a web-page within a web-page. To avoid detection, the iframe is made to have a size of 1px, and is then set to be invisible using CSS.

Most malicious domains used in this attack, are blacklisted by Google. And if your site is infected it may also be blacklisted. The Safe Browsing diagnostic page in this case will say something like:

"Malicious software is hosted on 1 domain(s), including..."

If your site becomes infected, contact both your webmaster and your hosting company immediately.

If your website is ever flaged as malicious here are some steps to fix it and resubmit for validation.
  1. Start with your own computer. Scan it with anti-virus and anti-spyware tools.
  2. Once you are sure your computer is clean, change all site passwords - computer, server, website, network.
  3. Keep the new passwords secure. Don’t use auto-upload features of your web site editors. Enter passwords every time you upload new content instead. Use SFTP instead of FTP if possible.
  4. Remove the malicious code (the iframes code) from the infected files on the server. The easiest way to do it is upload a clean backed up version.
  5. Check the server, directory and file permissions. Make sure your settings are correct!
  6. Scan your server directories for any new/suspicious files (don’t forget to check hidden files). Remove anything that should not be there.
  7. If your site was flagged by Google, request a malware review via Webmaster Tools. (read this blog post)
  8. Regularly check your site with diagnostics tools to be sure your site is clean.

Did you know that Twitter checks all URLs before allowing you to post?

Article URL:

Article Tags: virus ahri iframe injection malicious code recruitment websites job board security hacking insecure twitter malware

Comments Hide Comments (0)

Feel free to join in on the conversation. All comments are moderated before publishing. Comments posted by subscribers don't necessarily reflect the views of Recruitment Directory.

Your Name: * Required
Your Email Address: * Required
Website URL:
Comments: * Required
Enter the code you see in the image above (case sensitive). Click on the image to refresh it.

Back to Menu Back to Menu

Random Blog Articles

Job Site Traffic Jan 2009
Published: 2:54pm Tuesday 13 January 2009

Recruitment Marketing Analytics
Published: 12:00pm Wednesday 02 September 2009

Creating Adobe AIR Job Search Applications
Published: 6:30pm Sunday 22 November 2009

Linkme infestation
Published: 1:29pm Monday 23 February 2009

Is it time to say farewell to 3rd party application forms?
Published: 11:30am Tuesday 19 July 2011