1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Facing MALWARE! issues with couple of my sites .. Need help

Discussion in 'Blogging' started by vdovaulthack, Mar 18, 2014.

  1. vdovaulthack

    vdovaulthack Junior Member

    Joined:
    Feb 19, 2012
    Messages:
    191
    Likes Received:
    5
    My sites are facing MALWARE issues. One of my site (which I hardly used) got a phishing page added to it, and I had to take it down.

    I removed its nameservers setting from Godaddy to take it down for the time being. The phishing link has now been removed by my hosting, but I fear that

    its still vulnerable. Another of my site (pretty new, for which still no post was added) got blacklisted and throws MALWARE notification, whenever I try

    opening it. Its very disappointing. Please suggest ways to avoid such issues. Are there any free ways to fix this ?

    Is getting blacklisted at such an initial stage a big issue ? I read that if problem is fixed then site can be removed from being blacklisted in 1-2 weeks.

    Any help is appreciated.
     
    Last edited: Mar 18, 2014
  2. Asif WILSON Khan

    Asif WILSON Khan Executive VIP Premium Member

    Joined:
    Nov 10, 2012
    Messages:
    10,139
    Likes Received:
    28,607
    Gender:
    Male
    Occupation:
    Fun Lovin' Criminal
    Location:
    London
    Home Page:
    Once you have cleaned up the sites and secured them, you can request Google for a malware review.
     
  3. spmcnerd

    spmcnerd Regular Member

    Joined:
    Dec 20, 2010
    Messages:
    309
    Likes Received:
    106
    Ask your host where they entered. Your problem can and likely will be back if it's through FTP.
    Super clean your box.
    Careful what scripts and plugins you install.
    Use passwords that only a password manager can remember.

    Good Luck!

    and your name is ironic?
     
    Last edited: Mar 18, 2014
  4. vdovaulthack

    vdovaulthack Junior Member

    Joined:
    Feb 19, 2012
    Messages:
    191
    Likes Received:
    5
    Thanks for the suggestions. Is there any free tool to help get rid of such issues ?
     
  5. gtownfunk

    gtownfunk Registered Member

    Joined:
    Jan 26, 2011
    Messages:
    99
    Likes Received:
    26
    Occupation:
    Software Developer
    Location:
    Austin, TX
    Home Page:
    Lots of times that I get the malware notification (Google's safe browsing API returning naughty) it has been due to SQL/javascript injection. Lots of bots keep sending form requests until they get one that crashes. Also, just linking to a page like that can screw you up... although I've seen lots of Google+ pages pointing to unsafe domains.

    gtownfunk
     
  6. watsonovedades

    watsonovedades Senior Member

    Joined:
    Mar 10, 2011
    Messages:
    922
    Likes Received:
    233
    Location:
    Mexico
    first of all
    change your password immidiately
    if you were a victim from malware you can have all of your sites compromised
    on a sidenote you can also contact your server privider and ask him to do something about it
    in my case i spoke with hstgator representative and he reported the isssue

    like a plus you can install the wordpress plugin wordreference to secure your sites

    Hope it helps
     
  7. Rockers

    Rockers BANNED BANNED

    Joined:
    Jul 4, 2013
    Messages:
    971
    Likes Received:
    52
    Yes agreed mate few days ago same issue facing with this techno it has been resolved.
     
  8. bertbaby

    bertbaby Elite Member

    Joined:
    Apr 15, 2009
    Messages:
    2,019
    Likes Received:
    1,496
    Occupation:
    Product marketing
    Location:
    USA
    Home Page:
    Are you using a borrowed WordPress theme that may be compromised?
     
    Last edited: Mar 18, 2014
  9. vdovaulthack

    vdovaulthack Junior Member

    Joined:
    Feb 19, 2012
    Messages:
    191
    Likes Received:
    5
    is the pluggin called wordreference ?
    How can I find and clean the files responsible for current issue?
     
  10. evilclown

    evilclown Senior Member

    Joined:
    Jul 31, 2012
    Messages:
    805
    Likes Received:
    575
    Occupation:
    Party Clown
    Location:
    Clownville
    1. Don't use poor passwords. We are in 2014 pass123 is outdated, there is even free tools to have secure passwords.
    2. This is why you don't use free, hacked, nulled, and any other form of themes and plugins for wordpress from trusted sources.
    3. This is why you don't use share hosting on quality sites.
     
  11. gtownfunk

    gtownfunk Registered Member

    Joined:
    Jan 26, 2011
    Messages:
    99
    Likes Received:
    26
    Occupation:
    Software Developer
    Location:
    Austin, TX
    Home Page:
    This much is true, the Wordpress theme and plugin market is a dirty, dirty place. I have seen a couple of my compadre's websites hosting all kinds of links he didn't know about. Free software though.. I mean, you get what you pay for. Often times I bet there are just common bugs/exploits that are corrected.. though there is definitely some malintent in lots of cases.

    But, I've also seen bots poke values at custom websites doing random SQL/javascript injection... so it's surely not isolated to wordpress.

    gtownfunk
     
  12. roadhamster

    roadhamster Regular Member

    Joined:
    Mar 12, 2012
    Messages:
    300
    Likes Received:
    226
    Is there a chance that you upload files to your website with filezilla-ftp? Filezilla saves the passwords for your websites in plain on your computer in a xml-file which can be read easily if you are infected with spyware/malware on your computer.
    Advice: don't save passwords with filezilla.
    Other options (if your using wordpress): change password immediately on your wordpress, install wordfence, keep your plugins and your wordpress up-to-date.
    Good luck
     
    • Thanks Thanks x 1
  13. vdovaulthack

    vdovaulthack Junior Member

    Joined:
    Feb 19, 2012
    Messages:
    191
    Likes Received:
    5
    No I do not use filezilla. I have changed my wp login pwds. Should I change cpanel login details too ?
    How to get the blacklisting removed ? My other site (hosted by same host) is an adsense site, I fear it getting banned.
     
  14. bertbaby

    bertbaby Elite Member

    Joined:
    Apr 15, 2009
    Messages:
    2,019
    Likes Received:
    1,496
    Occupation:
    Product marketing
    Location:
    USA
    Home Page:
    What was the source of the infection or attack on your sites?
     
  15. vdovaulthack

    vdovaulthack Junior Member

    Joined:
    Feb 19, 2012
    Messages:
    191
    Likes Received:
    5
    thanks for all the suggestions. It seems the free wp theme had issues. I removed it now.
    If I start posting on my site now, will my articles get indexed ? (it was blacklisted few weeks ago)
    will it be safe to use adsense on this site ?