Monday, January 01, 2007

Hackers Using Google as a PhotoCart Locator Tool

It would appear that I have some evidence that indicates it's the Turkish hackers that are known to exploit these types of vulnerabilities doing this PhotoCart vulnerability attack.

Here's a sample of how they used Google's INURL search function to locate the PhotoCart sites in Google's index:
As a matter of fact, they hit my blog now that I've been posting about this problem the word "photocart" was in the URL so they got a direct hit on this page:
Here's the source of the "research" for PhotoCart from a Turkish DSL line:
IP Address
Country Turkey
Sorry about the obfuscated IP address, but I don't want people doing a DoS on him/her/it.

Perhaps Google should restrict some features like INURL: to only be accessed by webmasters registered to use Google tools so they know exactly who these people are when they abuse these features.

No comments: