Announcement

Collapse
No announcement yet.

*FIXED* Please don't go to my website until further notice *FIXED*

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • *FIXED* Please don't go to my website until further notice *FIXED*

    My website has been victim to malicius attack and has been setting off alarm bells the last couple of days.

    I have fixed it a couple of times, but keeps getting attacked.

    I cannot say if it is safe or not as I have no idea on what these hackers are trying to do.

    I will let everyone know when it is again safe to visit.

    If you have any enquiries, then you can call me direct on 0422 600 193.

    Cheers Danny.


    --edit--

    Here is the code that has been inserted

    *REMOVED*

    Any ideas?
    Last edited by gameroom; 9th January 2013, 05:45 PM. Reason: Code removed, maybe causing some users issues

  • #2
    IMO you should shut it down and create a temporary page for it, otherwise you'll get people not on AA with problems.
    Best of luck though.
    My computer/gaming/technology website:
    Please check it out!

    Comment


    • #3
      Either there's an exploit on the server that hosts your site or you may have accidentally left some config file publically accessible which held credentials that are now being used to insert their code.

      Comment


      • #4
        I use eCommerce which is widely used. If there is an exploit in that, then that could be the reason why 1000's of websites have been affected in the last few days.

        I have a new website being designed at the moment. May have to step it up a bit.

        Comment


        • #5
          General points of failure are the web server being compromised either Apache as the web server or the operating system, software exploit possibly an issue in eCommerce or user error in that they may have left an install file publicly accessible from when first setup and these have details such as username and password to the database which might be the same as a user's account details giving someone full control.

          Seems that it's not limited to any particular cms, there's some info at http://stopmalvertising.com/malware-...stats.php.html

          Comment


          • #6
            If you are running Wordpress or Joomla - couldn't hurt to upgrade to the latest version if you still have access.

            Cleaning up your .htaccess file (security) might be next on the list.

            Krumm is absolutely on the money if you are on shared hosting.

            Most of the time on the above couple of scenarios a backup and restore (even after the fact) can be of assistance (until next time).

            Arsehole script kiddies @ it again....Good luck with it.

            Comment


            • #7
              I took the site offline, did a backup, and then did a restore from an older backup.

              Seems to be working, and Google has given it the "all clear" (although they said it can take a while for the warnings to disappear)

              Hopefully it fixes it all, but will see if it has been compromised again by the morning.

              The NEW website is being done with Wordpress. No more osCommerce.

              Comment


              • #8
                Bad form from these bastards Danny. Hope you get it sorted soon.
                Dave
                ************************************************** *******************
                Remember--The early bird catches the worm, but the second mouse gets the cheese!

                Comment


                • #9
                  Originally posted by furballx View Post
                  Hope you get it sorted soon.
                  It was being attacked around 3am to 4am each day. Still all clear today so hopefully all good.

                  Real test will be tomorrow morning.

                  Comment


                  • #10
                    Dang, wish I seen this earlier, just visited your site yesterday, Firefox didnt let me in though luckily.

                    All the best on get it sorted!!
                    "It's always funny until someone gets hurt and then it's just hilarious" - Bill Hicks

                    Comment


                    • #11
                      DAMN! attacked again, but different this time.

                      *Removed*

                      and here is the contents of jquerymini dot js

                      *Removed*
                      Last edited by Foot; 19th July 2012, 07:43 PM. Reason: Removed code, may cause some users issues

                      Comment


                      • #12
                        Maybe jump on whirlpool and create a thread there with you're issues. There are some good tech heads on that forum that should be able to sort out you're problem in no time.
                        sigpic

                        Comment


                        • #13
                          I'd be contacting your web hosting personally and inform them of what has happened so they can investigate.

                          Comment


                          • #14
                            My website is still down.

                            I am working on a new site from scratch, and have updated the index page.

                            If anyone needs to contact me or order something, either send me a PM or call/text me on my mobile.

                            My website is okay to visit, but only access to the front page at this stage.

                            My facebook link is there is anyone wants to have a read...

                            Comment


                            • #15
                              Hi Danny,

                              I've removed the code in both your posts for the time being as I had reports of it setting off other users antivirus protection just by viewing the page.

                              Thanks
                              "Beer, it does a belly good!"

                              Wanted: Pacman Cab Next Project: Skinny MAME Cab for Samfoot, thread soon, no really. I might even do one on my Pole Position cab!

                              Comment

                              Users Viewing Topic: 0 members and 1 (guests)
                              Working...
                              X