Iowa City's Website Exposes Users To Malware

Posted in: Iowa City News
While doing my usual routine of making sure all my bills are paid, I browsed to ICGov.org. Unexpectedly, however, Google's Chrome Browser alerted me: "Warning: Visiting this site may harm your computer!"

What?

After clicking on the more information link, google listed a scripting exploint from 318x(dot)com existed on Iowa City's website. It was last checked by Google on 2009-11-27 - Scary.

I'm a computer programming and web developer - fortunately I understand web security. Using a tool from selfseo.com (http://www.selfseo.com/html_source_view.php), I checked the source code of the icgov.org website. This 'source code' tells your web browser how to display the website. Source code can link to scripts and malicious content that tries to attack vulnerabilities in your computer.

Sure enough, the source contained scripting from the 318x website, a temporary website setup by hackers to launch malicious scripts. The script, which is simply a small amount of text that tells your browser to access the infected code, probably would have been placed on the Iowa City website by a sophisticated computer virus.

Although we don't know how it got there we hope it can be fixed soon. I tried calling the Press Citizen and The Gazette with this information, then I remembered I run a news website, so I've chosen to post here. Hopefully most people were shopping, rather than visiting the Iowa City website on Friday.

We also don't know exactly what visiting the website would do. Exploitative websites such as 318x don't last very long online - sometimes a few days, sometimes only an hour. Hopefully it's fixed soon.
Please login to post.