34 {{ upvoteCount | shortNum }}
34 {{ upvoteCount | shortNum }}

My site has been hacked! Help!

by infomaniacs
29 replies
Hi,
I am getting this warning message whenever I open my site. Can anyone tell me how to fix it please?
thanks
Angela
#hacked #site
  • Profile picture of the author infomaniacs
    ok well the screendump didn't work.
    the message says "Threat Was Blocked!"
    file name: mysexgallery.in/index.php?showtopic=701257
    threat name: Exploit Blackhole Exploit Kit Detection (tpye 1889)
    Process name: Crogram Files\Mozilla Firefox\firefox.exe
    process Id: 276
    Signature
    POSITIONS VACANT - Work From Home Pet Business
    Make Money ~ Unique Products That EVERYONE Needs
    {{ DiscussionBoard.errors[5794699].message }}
    • Profile picture of the author simplybeastz
      Originally Posted by infomaniacs View Post

      ok well the screendump didn't work.
      the message says "Threat Was Blocked!"
      file name: mysexgallery.in/index.php?showtopic=701257
      threat name: Exploit Blackhole Exploit Kit Detection (tpye 1889)
      Process name: Crogram FilesMozilla Firefoxfirefox.exe
      process Id: 276
      Seems like your PC. There's been a nasty virus going round, that's been nearly invisible to many Anti-Virus software; only yesterday were some picking it up. Download process manager and report back to us. I should be able to find it and then you can download Malware bytes to get rid of it.

      By any chance. Have you done any torrents this week? This is the main way, as it changes your LAN/Proxy settings on your Reg Edit and the browser and only FF & GC work.
      Signature
      https://github.com/thefarcry118/Banana-Phone
      {{ DiscussionBoard.errors[5794853].message }}
      • Profile picture of the author infomaniacs
        Originally Posted by simplybeastz View Post

        Seems like your PC. There's been a nasty virus going round, that's been nearly invisible to many Anti-Virus software; only yesterday were some picking it up. Download process manager and report back to us. I should be able to find it and then you can download Malware bytes to get rid of it.

        By any chance. Have you done any torrents this week? This is the main way, as it changes your LAN/Proxy settings on your Reg Edit and the browser and only FF & GC work.
        it only happens on the one site, nothing else triggers the warning. I havent downloaded torrents before, so that wouldnt be it.
        Signature
        POSITIONS VACANT - Work From Home Pet Business
        Make Money ~ Unique Products That EVERYONE Needs
        {{ DiscussionBoard.errors[5794862].message }}
    • Profile picture of the author Jit Lim
      Can you confirm whether its your website or PC? Just went to your website under your signature and that seems to be fine. Go to one of the free online sites like Symantec or Panda and scan your PC as a precaution.

      But if its your website, try this free scanner on Sucuri SiteCheck - Free Website Malware Scans
      If you find a plugin that got infected, it may just need to be deleted and reinstalled.
      Signature
      "Take Inspired Action!"
      {{ DiscussionBoard.errors[5794887].message }}
  • Profile picture of the author SteveJohnson
    You're probably going to need to hire someone to go in and clean it up...
    Signature

    The 2nd Amendment, 1789 - The Original Homeland Security.

    Gun control means never having to say, "I missed you."

    {{ DiscussionBoard.errors[5794796].message }}
  • Profile picture of the author infomaniacs
    so not a simple fix then
    Signature
    POSITIONS VACANT - Work From Home Pet Business
    Make Money ~ Unique Products That EVERYONE Needs
    {{ DiscussionBoard.errors[5794823].message }}
  • Profile picture of the author stanhawk
    It seems that malicious software was installed either on your site or your pc. I doon't get that message in my iPad, so it might just be you. Contact your host and ask them to wipe your site, then run some antivirus software on your pc.
    {{ DiscussionBoard.errors[5794829].message }}
  • Profile picture of the author SteveJohnson
    No, not so simple. The 'Blackhole Exploit' comes from someone getting into your hosting account in some form or fashion, and adding some malicious javascript code. Have to go through every file looking for the code, and then try to determine just how it was put there in the first place. Takes a bit of time to clean up.
    Signature

    The 2nd Amendment, 1789 - The Original Homeland Security.

    Gun control means never having to say, "I missed you."

    {{ DiscussionBoard.errors[5794842].message }}
    • Profile picture of the author SteveJohnson
      Originally Posted by SteveJohnson View Post

      No, not so simple. The 'Blackhole Exploit' comes from someone getting into your hosting account in some form or fashion, and adding some malicious javascript code. Have to go through every file looking for the code, and then try to determine just how it was put there in the first place. Takes a bit of time to clean up.
      And if the host's latest backup has the bad code in it?
      Signature

      The 2nd Amendment, 1789 - The Original Homeland Security.

      Gun control means never having to say, "I missed you."

      {{ DiscussionBoard.errors[5794848].message }}
  • Profile picture of the author Olson Mino
    Get in touch with your hosting company....they can help you out.
    {{ DiscussionBoard.errors[5794859].message }}
  • Profile picture of the author traficmaster
    your hosting co. will clean it up for ya,i hope you have backups from the last few weeks
    {{ DiscussionBoard.errors[5794869].message }}
  • Profile picture of the author aaronhoug
    It could be something within your Firefox?
    Signature
    {{ DiscussionBoard.errors[5794902].message }}
  • Profile picture of the author SteveJohnson
    Your hosting company can't help with this, and it's not a virus on your PC.
    Signature

    The 2nd Amendment, 1789 - The Original Homeland Security.

    Gun control means never having to say, "I missed you."

    {{ DiscussionBoard.errors[5794906].message }}
  • Profile picture of the author elasu13
    Why cant the hosting company help? I Think the hosting company would be the main people you need to talk to
    {{ DiscussionBoard.errors[5794915].message }}
  • Profile picture of the author Aremutola
    Contact Your hosting company
    {{ DiscussionBoard.errors[5794943].message }}
  • Profile picture of the author Dimitris Skiadas
    Or maybe hire someone on Fiverr for 5$ to fix that problem for you. I say that because i had 5 of my sites hacked in the past.

    And i was pretty lucky to solve this problem in no time!

    Dimitris
    Signature
    {{ DiscussionBoard.errors[5795092].message }}
  • Profile picture of the author Kung Fu Backlinks
    If you haven't done any mods to your core WordPress files, you should reinstall them to see if that helps. That simple step will fix many problems.

    Simply go to the top left link "updates" and select to reinstall core files.
    Signature
    G+ LOCAL SETUP ___and____ Custom WordPress - Genesis Child Themes (see portfolio here)

    SCHEMA.ORG + GEOTAGGING + KML + PUBLISHERSHIP + so much more...
    {{ DiscussionBoard.errors[5795108].message }}
  • Profile picture of the author Burton Lancaster
    Arrange the files by "date modified" to find the culprit files. Delete them. If the culprit files are files required for your website, then you need to replace them with back-ups. Change all your passwords, run a scan on your machine.
    {{ DiscussionBoard.errors[5795174].message }}
  • Profile picture of the author jembuter
    yea, go to fiverr and get someone to fix it
    {{ DiscussionBoard.errors[5795231].message }}
  • Profile picture of the author Vincent Abrugar
    Go to your hosting's File Manager and access your website files you might find the inserted malware code at the index.php and wp-config.php
    Signature
    WordPress Malware Removal & Support Services
    www.vincentabrugar.com
    {{ DiscussionBoard.errors[5795331].message }}
  • Profile picture of the author Mike Ogbin
    The first step you should take is to email or chat with your web hosting support team for the problem that you have. Show to them the error message and ask them for ,the last backup of your website.

    Good Luck.
    Signature
    Speedy Up - Jumping game that change your mood and put smile in your face :)
    {{ DiscussionBoard.errors[5795443].message }}
  • Profile picture of the author infomaniacs
    Hi,
    thanks for everyone's replies, it is fixed now thanks to recommendation from Garage667 for a fiverr gig, all good!
    angela
    Signature
    POSITIONS VACANT - Work From Home Pet Business
    Make Money ~ Unique Products That EVERYONE Needs
    {{ DiscussionBoard.errors[5795461].message }}
  • Profile picture of the author Usmile
    Contact your web hosting company to fix all things. They can surely help you to clean it up and keep it further attack. Do it as early as possible.
    Signature
    {{ DiscussionBoard.errors[5807315].message }}
  • Profile picture of the author seobro
    I got hacked last week and it took me three days to get back up. A lot of databases were smashed so I know the agony. WHEN are we going to get good security from web hosting companies. Well, the answers seems never. They got no problem cashing my big check, anything else is beyond their scope. I had to do all the work myself because they "forgot" to do their daily back ups. Oh, my blood is boiling again.
    Signature
    http://www.seobro.com
    {{ DiscussionBoard.errors[5807374].message }}
    • Profile picture of the author Sillysoft
      Originally Posted by seobro View Post

      I got hacked last week and it took me three days to get back up. A lot of databases were smashed so I know the agony. WHEN are we going to get good security from web hosting companies. Well, the answers seems never. They got no problem cashing my big check, anything else is beyond their scope. I had to do all the work myself because they "forgot" to do their daily back ups. Oh, my blood is boiling again.
      Wooa, this isnt a hosting issue. Its a wordpress issue. If the hosting company locked you down then you wouldnt be able to use wordpress.
      {{ DiscussionBoard.errors[5807405].message }}

Trending Topics