Enormousw1illa.com

There has been an increased number of forced redirects to malicious domains associated with an exploit of the .htaccess file. The Enormousw1illa.com (194.28.114.102) domain is one of the various malicious domains that are used to attack computer users that have fallen victims to this attack. Various websites have been hacked so that they will direct their visitors to the Enormousw1illa.com domain. In most cases, the .htaccess file was modified so that any visitors coming from the major search engines (for example, Yahoo, Google, or Bing) would instead be redirected to Enormousw1illa.com. This information is available by checking the referrer for a particular visitor.

By adding a malicious code to the .htaccess file on hacked websites, criminals can then take advantage of a loophole which allows them to send any visitors from a particular referrer to the Enormousw1illa.com domain, without any chance of undoing this redirect before they are sent to what is clearly an attack website. The Enormousw1illa.com domain is already on Google's blacklist and, as of the writing of this article, 787 domains had already been compromised with this hack. This number is expected to grow until this security loophole is closed. Enormousw1illa.com went live on January 29th, 2012. ESG malware analysts suspect that the Enormousw1illa.com redirects are caused by the same lawless group that is in the background of other .htaccess attacks directing to various malicious domains.

Understanding how .htaccess Allows Criminals to Force You to go to Enormousw1illa.com

The .htaccess file is a vigorous tool that can be used to wreak havoc on a particular website if .htaccess falls into the wrong hands. Using the .htaccess file, criminals can redirect search engine results to malicious websites, hide a backdoor on the victim's computer system, inject malicious files directly into the victim's computer, as well as performing various other attacks. Some characteristics of the .htaccess file that make .htaccess vulnerable for attack include the fact that .htaccess is a hidden file, which makes .htaccess more difficult to find in the hands of inexperienced website owners, as well as the fact that .htaccess allows the computer user to make powerful changes to how the web server processes connections and to php behavior. While this is an important file, this means that .htaccess can be used for attacks that are not easy to detect or clean up.