The Four Word Film Review Fourum
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
 Password:
Save Password
Forgot your Password?

Return to my fwfr
Frequently Asked Questions Click for advanced search
 All Forums
 Off-Topic
 General
 benj: my frustration with malicious javascript		  New Topic  Reply to Topic
 Send Topic to a Friend
 Printer Friendly
Author Previous Topic Topic Next Topic  

duh 
"catpurrs"
Posted - 09/26/2008 :  05:16:42  Show Profile  Reply with Quote
Question for benj:

The server my sites are hosted on seems to have been hit with a virus???

I discovered that hundreds of my page files were contaminated with a malicious javascript iframe.

I notified Support and sanitized all my sites. Some files were missing but I replaced those from backups.

Support said that it had to have been my fault, that I must have had insecure scripts, etc. They advised that I change my ftp passwords, etc. My thought was that if it were merely a case of a script kiddy wanting to deface my site, they would do something more obvious than hide a javascript iframe in a bunch of files. Moreover, my sites are not the kind that would be likely to yield any juicy information of value to Chinese and Russion hackers.

So, I changed the passwords for all the sites and so on.

Today I find that a previously sanitized site has been contaminated again.

Then I noticed that the server's default 404 page is also contaminated. That comes from the server, not my sites, correct? Wouldn't that mean that it is the server that is infected?

It takes hours to get all my sites cleaned up and wastes time I could use to be creative.

Any advice?

benj clews 
"...."
Posted - 09/27/2008 :  18:44:01  Show Profile  Reply with Quote
I need to know more about your site (sorry I don't know the URL even though I'm pretty sure I've been on it before now). What is it written in? Does it have a database back-end? Also, have you googled the virus you got hit by to see if anyone knows how it works it's way on to servers such as yours?

At first, I was wondering if this might be the same thing FWFR got hit by a few months back. That was SQL injection (i.e. manipulation of your database content) to insert references to malicious remotely-hosted Javascript, but if they've actually manipulated the source code of your site then it's not this.

Anyway, let me know the above and hopefully I can be more help.
Go to Top of Page

duh 
"catpurrs"
Posted - 09/28/2008 :  17:51:00  Show Profile  Reply with Quote
quote:
Originally posted by benj clews


Anyway, let me know the above and hopefully I can be more help.


benj, I'll PM you about this.
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Reply to Topic
 Send Topic to a Friend
 Printer Friendly
Jump To:
The Four Word Film Review Fourum © 1999-2024 benj clews Go To Top Of Page
Snitz Forums 2000