• True…

    Security still hasnt been recognized an an essential part in most of our IT Sectors.

    The weaknesses pointed out are to be seriously taken as it may further lead to critical damage.

    i agree with the author!

  • hi

    and can we have a nice article on steps and measures to avoid these attacks and also steps and measures to get rid of it once it has attacked the site, plz?


  • Hamayun Khan


    Yaar amir bhai mere saath kaspersky internet security hai…..Din me 3 dafa update karta hun….kia phr bi muje malware se khatra hai?
    Plz aap humain bata dain aur aap ke khyal best internet security Ya antivirus kon sa hai?

  • maddy

    Dear Mr. Ali Raza,

    Many thanks for bringing this into Public knowledge.

    I wish to take this opportunity to highlight few more Pakistani sites with similar issue:

    **WARNING**: I highly recommend you not to visit the followings until you are confident that your AV will not fail! I, nor the original Author of this Blog Post or the owners of this site shall be held responsible for your losses of any or all kind. Please visit at your own discretion.

    1. Karachi Port Trust:(http://www.kpt.gov.pk/)
    Link to “Port Tariff” is actually infected.
    Threat: JS/TrojanDownloader.Agent.NQB.gen trojan
    For More info, google: “Gumblar” and ” Martuz”

    2. Mushko Electronic (http://www.mushko.com/)
    A link within their site was infected with Trojan, I cant seem to find it again. Or maybe they’ve fixed it already.

    3. Pakistan Chemical Directory (www.pcdpk.com)
    Main site is infected with Malware, Google gives warning and Firefox too!

  • Apparently it was a ftp hack which took A LOT of sites down including a couple of mine.

    The Hack would steal ftp password from the infected machine and insert an iframe link in index.php and other files. Code looks something like this :-


    Clean your computer and remove any startup items which look shady. I yet have to see a better antivirus than kasperky.

    Change you FTP Password.

    Remove all malicious iframe codes and look for odd software on the hosting server and remove it.

  • This problem is particular with our Govt. websites. As per my information, most of these are hosted by a single ISP (dont want to name) of Pakistan.

    They need to ensure that the the hosting company is maintaining the above mentioned standards. Also the concerned staff/web master should be properly trained & monitored to ensure nothing suspicious is taken place through the website (like we recently saw the case of misusing the educational institute website for getting traffic).

  • 5 Tips For Every New Website

  • Once caught up by Google for hosting malicious software on your server, then its will take a ample amount of time to reconsider for Google.