Wave Of Hacking Going Around! Take These Steps To Avoid The Wrath

AndrewHansen · 06-19-2009, 03:30 PM

Hey Guys,

I have had some terrible trouble this last week with some of my sites getting attacked by a virus that I now know is also affecting alot of marketers, AND... I have reason to believe, Hostgator users (very likely other hosts) as well...

I've spent the week wrestling with coders and hosting support about it and gotten all the information I can on how to prevent it, so I thought I'd share it with everyone here too.

It's a piece of Malware that infects your local computer, and digs through to find passwords that are stored in programs like password banks, robo forms, ftp programs, etc. It then accesses your site via FTP and adds malicious code to your index pages, which causes Firefox to display a "REPORTED ATTACK SITE" message which (rightly) prevents access to your site.

You then have to go through and delete all the malicious code on any pages that are affected (finding which pages and how many is a matter for your hosting account) before your site can be allowed to view in a browser again. Suffice it to say it's a right pain in the ass.

So to avoid having this affect you, I advise everyone reading (as I have been advised) to:

1. Don't store any passwords in password programs like the ones above. If you have passwords saved in these programs, you might consider clearing the records of those programs so that information isn't available.

2. Run these malware detectors on your computer to ensure you don't have infections:

Malwarebytes.org

Norman | Norman Malware Cleaner

There are many Malware scanners out there and I've been told it's good to run more than one as any given one doesn't always pick up all infections.

3. There's suspicion that Adobe Reader has some vulnerability and if you don't have the latest update you should upgrade it asap.

That's all I know for now.

So you don't get too worried, I've been informed that it's not a particular dangerous hack, it doesn't delete your site or try to find credit card info or anything, but it's dangerous enough to cause problems and be highly disruptive to your business.

I hope this is helpful.

Andrew

Andyhenry · 06-19-2009, 03:46 PM

Thanks for taking the time to share that Andrew - It's appreciated.

Fernando Veloso · 06-19-2009, 03:54 PM

Thanks Andrew, will check all my sites and ftp connections.

06-19-2009, 03:30 PM	#1
AndrewHansen Senior Warrior Member War Room Member Join Date: Feb 2006 Location: London UK Posts: 1,711 Thanks: 11 Thanked 413 Times in 59 Posts Social Networking Contact Info	Wave Of Hacking Going Around! Take These Steps To Avoid The Wrath Hey Guys, I have had some terrible trouble this last week with some of my sites getting attacked by a virus that I now know is also affecting alot of marketers, AND... I have reason to believe, Hostgator users (very likely other hosts) as well... I've spent the week wrestling with coders and hosting support about it and gotten all the information I can on how to prevent it, so I thought I'd share it with everyone here too. It's a piece of Malware that infects your local computer, and digs through to find passwords that are stored in programs like password banks, robo forms, ftp programs, etc. It then accesses your site via FTP and adds malicious code to your index pages, which causes Firefox to display a "REPORTED ATTACK SITE" message which (rightly) prevents access to your site. You then have to go through and delete all the malicious code on any pages that are affected (finding which pages and how many is a matter for your hosting account) before your site can be allowed to view in a browser again. Suffice it to say it's a right pain in the ass. So to avoid having this affect you, I advise everyone reading (as I have been advised) to: 1. Don't store any passwords in password programs like the ones above. If you have passwords saved in these programs, you might consider clearing the records of those programs so that information isn't available. 2. Run these malware detectors on your computer to ensure you don't have infections: Malwarebytes.org Norman \| Norman Malware Cleaner There are many Malware scanners out there and I've been told it's good to run more than one as any given one doesn't always pick up all infections. 3. There's suspicion that Adobe Reader has some vulnerability and if you don't have the latest update you should upgrade it asap. That's all I know for now. So you don't get too worried, I've been informed that it's not a particular dangerous hack, it doesn't delete your site or try to find credit card info or anything, but it's dangerous enough to cause problems and be highly disruptive to your business. I hope this is helpful. Andrew
	[FREE] The One Magical Tweak That Will Ensure Every Affiliate Site You Create Makes SERIOUS Cash... http://affiliateblogprofit.com/free

06-19-2009, 03:46 PM	#2
Andyhenry Beware - Straight Talker War Room Member Join Date: Jan 2004 Location: United Kingdom Posts: 9,255 Blog Entries: 25 Thanks: 1,178 Thanked 4,487 Times in 1,494 Posts Social Networking	Re: Wave Of Hacking Going Around! Take These Steps To Avoid The Wrath Thanks for taking the time to share that Andrew - It's appreciated.
	Get The Real Truth About SEO In 2012

06-19-2009, 03:54 PM	#3
Fernando Veloso Portuguese Warrior War Room Member Join Date: Nov 2008 Location: Good Old Europe Posts: 3,487 Blog Entries: 6 Thanks: 1,310 Thanked 810 Times in 556 Posts Social Networking Contact Info	Re: Wave Of Hacking Going Around! Take These Steps To Avoid The Wrath Thanks Andrew, will check all my sites and ftp connections.
	Portugal Internet Marketing Since 2004. Fernando Veloso \| Seo Portugal \| Empresa SEO